Error reference HTTP status

502 Error: find the hop that failed

HTTP 502 means an intermediary server — a CDN edge, load balancer, reverse proxy, or the proxy you configured — contacted the server behind it and got an invalid response or none at all. The same three digits can point at opposite problems, so the fix starts with identifying which hop actually generated the error.

502 Error

What an HTTP 502 error means

A 502 means a server acting as an intermediary — a CDN edge, load balancer, or reverse proxy — forwarded your request to the server behind it and got back an invalid response or none at all: a refused connection, a reset, malformed data, or a crash mid-response. The intermediary is fine; the machine behind it is not, at least for that request.

When your requests travel through a forward proxy, two different intermediaries can produce the same code. The target's own edge returns a 502 when its origin is down or overloaded — everyone gets that one, proxy or not. Your proxy returns a 502 when its outbound connection to the target fails — only your configured path gets that one. The three digits are identical; the fixes are opposites.

Attribution is usually cheap: read the response body and headers. CDN and hosting layers ship recognizable branded error pages and distinctive Server headers, while proxy-generated 502s tend to be short and generic. When in doubt, the direct-versus-proxied comparison in the steps below settles it.

502 Error

How to fix a 502 error

502s are the most retryable of the 5xx family, but blind retries waste time when the origin is genuinely down. These steps identify the failing hop first, then apply the fix that matches.

  1. Retry once after one to two seconds. A large fraction of 502s are transient — an origin restarting, a deploy in progress, a brief overload — and clear immediately.
  2. Request the same URL without the proxy. A 502 both ways is target-side: no proxy, header, or client change will fix it — schedule the URL for later.
  3. Inspect the error body and Server header to identify which layer generated the page — hosting and CDN error pages are branded and distinctive, proxy-generated ones are short and generic.
  4. Retry through a fresh proxy session (new -session- ID) so the request uses a different exit IP. A single exit's route to a target can fail transiently while every other route is healthy.
  5. Lower concurrency against that target. Origins that refuse or drop connections under load surface as 502s from their own edge — backing off fixes what retrying cannot.
  6. Check protocol edge cases: missing SNI, HTTP versions the origin rejects, or oversized headers can all be relayed back to you as 502s by strict edges.
  7. If everything through the proxy returns 502 across unrelated targets, verify the proxy hostname and port, then test a known-good URL to confirm the path before blaming targets.
  8. Wrap it all in a retry budget: exponential backoff, a new session per attempt, and a per-URL cap so one dead origin cannot stall a whole crawl.
502 Error

502s in proxy-based scraping

With rotating residential proxies, an isolated 502 usually means one thing: that particular exit's connection to the target failed at that moment. Residential exits are real consumer connections, so a small tail of transient route failures is expected behavior, not a fault — it is why honest success rates are quoted at 99.7% rather than in absolutes. The engineering response is a cheap retry on a different exit, which converts nearly all of that tail into successes.

Patterns tell you more than single errors do. 502s concentrated on one target across many exits point at that origin; 502s that appear only when you raise concurrency point at overload; 502s across all targets point at your own configuration. Match the pattern before changing anything.

Retry on a fresh session

Changing the -session-<id> value in the username forces a different exit IP on the next request. Two or three attempts with new sessions and short backoff clears almost every transient 502 without slowing the crawl.

Read the pattern, not the error

Log which URL, session ID, and timestamp produced each 502. One target failing through every exit is an origin problem to wait out; failures that scale with your request rate are overload you should back off from.

Stability-tiered exits for fragile targets

For long-lived connections and latency-sensitive endpoints, Platinum's Tier-1 ISP-quality routes (with country, state, city, and ASN targeting) or a dedicated Static ISP IP hold steadier paths than rotating pools — fewer route changes, fewer mid-transfer failures.

502 Error

Retry 502s with session rotation

The canonical pattern: bounded retries, exponential backoff, and a new sticky-session ID per attempt so each retry leaves from a different exit IP. Anything still failing after three attempts goes back on the queue instead of blocking the crawl.

import time
import requests

def fetch(url, attempts=3):
    resp = None
    for i in range(attempts):
        # New -session- id per attempt = different exit IP
        user = f"USERNAME-country-us-session-retry{i}"
        proxy = f"http://{user}:[email protected]:10000"
        resp = requests.get(url, proxies={"http": proxy, "https": proxy},
                            timeout=30)
        if resp.status_code != 502:
            return resp
        time.sleep(2 ** i)
    return resp

resp = fetch("https://example.com/category/widgets")
print(resp.status_code)
FAQ

Frequently asked questions

Is a 502 my fault, my proxy's, or the website's?
It can be any of the three, which is why diagnosis comes first. Test the URL without the proxy: if it still fails, the target's own infrastructure is struggling and only waiting helps. If direct requests succeed, retry through a fresh proxy session; a single failing exit route clears on rotation. Persistent 502s through every exit point back at the target.
Why do I see occasional 502s through residential proxies?
Residential exits are real consumer connections, and any individual route can fail for a moment — the connection drops, the network shifts, the target resets it. A small retryable tail is normal even on healthy networks, which is why success rates are quoted as 99.7% rather than absolutes. Build a two-or-three-attempt retry with fresh sessions and the tail disappears from your results.
Does a 502 mean my proxy credentials are wrong?
No. Authentication failures against a proxy return 407 Proxy Authentication Required, not 502. A 502 happens after the proxy accepted your request, when the connection beyond it failed to produce a valid response. If you are seeing 407, fix the username and password (your dashboard API key) or authenticate by IP whitelist; if 502, focus on the route and the target.
How long should I wait before retrying a 502?
Start at one to two seconds and back off exponentially, changing the session ID so the retry uses a different exit IP. Most transient 502s clear on the first or second attempt. If a target still returns 502 after several minutes across multiple exits and a direct check, the origin itself is down — schedule the URL for later instead of hammering it.

Build for the retry, not the failure. Start routing today.

Rotating residential, ISP-quality, and mobile exits with per-session control across 200+ countries.

ProxyOmega ProxyOmega

90M+ ethically-sourced IPs across 200+ countries and 30,000+ cities. Residential, mobile, ISP and IPv6 proxies for scraping and AI agents.

GDPRCCPA
Product
Premium Unlimited Budget Unlimited Residential / ISP Mobile IPv6 Chrome Extension
Solutions
Web scraping AI agents Price monitoring SERP & SEO Integrations All use cases
Resources
Glossary Error codes Free tools Proxies by platform Locations
Company
About Blog Docs Reseller program Affiliate Contact Sign in
© 2026 ProxyOmega Ltd. All rights reserved.