HTTP Status Codes

HTTP status codes are describes status information during the communication between server and client. They are part of the HTTP (Hypertext Transfer Protocol) standard. Standart Http codes are three digit codes.

An HTTP status code is important for communication between a client (usually a web browser) and a web server, as it provides information about the outcome of a request, and helps clients understand how to proceed or diagnose problems when resources go under the well.

HTTP status codes are divided into five categories, each with its own implications:

Informational Class (1XX)

These codes are under the informational class and rarely used. These codes say that the request has been received and that the server is continuing to processing.

  • 100 - Continue : This code says that the client that the initial part of the request has been received and understood and that the client should proceed to send the remainder of the request.
  • 101 - Switching Protocols : This code says that the server is acknowledging the client's request to switch to a different protocol for communication. This status code is typically used during the WebSocket handshake process when a client requests to upgrade the connection from HTTP to the WebSocket protocol.
  • 102 - Processing : This code says that the server has received the request and is still processing it. This status code is typically used in scenarios where the server needs more time to complete the request, and it's often used in conjunction with long-running or asynchronous operations.
  • 103 - Early Hints : This code says that provide the client with some preliminary or early information about a response while the server is still processing the request. This can be especially useful for optimizing web performance and allowing the client to start processing resources that are known to be needed based on the request.

Successful Class (2XX)

These codes are under the successful class. These codes say that the request was successfully received, understood, and processed by the server.

  • 200 - OK : This code says that the client's request was successful, and the server has successfully processed and fulfilled the request. In other words, it means that the request was valid, and the server is sending back the requested resource or data in the response body.
  • 201 - Created : This code says that a request has been successfully fulfilled, and a new resource has been created as a result of the request. It is commonly used in RESTful API design to inform the client that the requested resource has been successfully created on the server.
  • 202 - Accepted : This code says that the request has been accepted for processing by the server, but the processing has not been completed at the time of the response. It's a way for the server to acknowledge receipt of the request and inform the client that the processing may take some time or occur asynchronously.
  • 203 - Non-Authoritative Information : This code says that the server has successfully fulfilled the client's request, but the response is not authoritative or definitive. It is used when the server is a proxy or gateway, and the response is derived from a source other than the original server, and the original server's response might be different.
  • 204 - No Content : This code says that the server has successfully processed the client's request but is not sending back any content in the response body. In other words, the request has been fulfilled, and there is no additional data to return to the client.
  • 205 - Reset Content : This code says that the client should reset or clear the current view or form in which the request was made. It is used in situations where the client's request has been successfully processed, and the server is instructing the client to clear any form fields or input data and start with a fresh, empty form or view.
  • 206 - Partial Content : This code says that the server has successfully fulfilled a partial GET request from the client. It is used when a client sends a request with the "Range" header to request only a specific portion of a resource, such as a range of bytes in a large file. The server then responds with the requested portion of the resource.
  • 207 - Multi-Status : This code says a multi-status response for a Web Distributed Authoring and Versioning (WebDAV) request. WebDAV is an extension of the HTTP protocol used for collaborative editing and managing files on web servers. The 207 status code is specifically designed for WebDAV operations, which can involve multiple sub-requests, each with its own status.
  • 208 - Already Reported : This code says a already reported response for a Web Distributed Authoring and Versioning (WebDAV) request. WebDAV is an extension of the HTTP protocol used for collaborative editing and managing files on web servers. The 208 status code is specific to WebDAV operations and indicates that the members of a DAV binding have already been enumerated in a preceding part of the multistatus response, and they are not being repeated.
  • 218 - This is fine : It is not a standard HTTP status code defined in the HTTP/1.1 or earlier HTTP specifications. It's important to note that this status code does not have an official definition or recognition in the HTTP standard or by the Internet Assigned Numbers Authority (IANA).
  • 226 - IM Used : This code says that the server is using a different response representation because it adheres to the IM (Instance Manipulation) protocol. The IM protocol is defined in RFC 3229 and is used to negotiate content transformations.

Redirection Class (3XX)

These codes are under the redirection class. These codes say that the request was not completed by the server and action needs to be taken by the client to complete the request.

  • 300 - Multiple Choices : This code says that the requested resource corresponds to multiple possible representations, each of which can be determined by further client interaction or content negotiation. In other words, the server is providing a list of alternative options for the client to choose from.
  • 301 - Moved Permanently : This code says that the requested resource has been permanently moved to a different location, and all future requests for the same resource should be directed to the new location. It is a way for web servers to inform clients, such as web browsers or search engines, that a resource has a new, permanent URL.
  • 302 - Found (or Moved Temporarily) : This code says a temporary redirection. It tells the client that the requested resource is temporarily located at a different URL, and the client should perform another request to the new URL to access the resource. In essence, it's a way for the server to tell the client, "The resource you're looking for has temporarily moved, but you should continue to use the original URL for future requests.
  • 303 - See Other : This code says that the client should issue a GET request to the specified URL or URI in the "Location" header to retrieve the desired resource. It is often used as a redirection status code in response to a POST request, indicating that the client should retrieve the result of the POST request using a separate GET request.
  • 304 - Not Modified : This code says that the requested resource has not been modified since the last time it was accessed by the client. It is commonly used to reduce bandwidth usage and improve web performance by allowing clients to cache resources and avoid downloading them again if they haven't changed.
  • 305 - Use Proxy : This code says defined in the HTTP/1.1 specification but is rarely used in practice. It was introduced to inform clients that they should use a specified proxy server to access the requested resource. However, due to security concerns and the complexity of handling proxies, this status code is not widely supported or utilized.
  • 306 - Switch Proxy : This status is currently not used and reserved for future use.
  • 307 - Temporary Redirect : This code says that the requested resource has been temporarily moved to a different URL, and the client should follow the redirection with the same HTTP method used for the initial request. However, unlike 302, which can sometimes result in changing the HTTP method from POST to GET, a 307 response ensures that the original HTTP method is retained.
  • 308 - Permanent Redirect : This code says that the requested resource has been permanently moved to a different URL, and the client should follow the redirection with the same HTTP method used for the initial request. Like the 307 status code, the 308 status code ensures that the original HTTP method is retained during redirection.

Client Error Class (4XX)

These codes are under the client error class. These codes say that the request was not completed by the server and the client made an error in the request.

  • 400 - Bad Request : This code says that the server could not understand or process the client's request due to malformed syntax, invalid parameters, or other issues with the request. In essence, it means that the client's request is not properly formed or does not meet the server's expectations.
  • 401 - Unauthorized : This code says that the client's request has been denied because the client lacks proper authentication credentials or the provided credentials are invalid. In other words, the server is telling the client that it needs to provide valid authentication information to access the requested resource.
  • 402 - Payment Required : This code says that the client's request is valid, but the server requires payment to fulfill the request. It is not commonly used and is not a standard part of most web interactions. Instead, it's typically used in scenarios involving paid services or subscriptions where access to a resource or service is restricted until a payment is made.
  • 403 - Forbidden : This code says that the server has understood the client's request, but it refuses to fulfill it due to the client's lack of permission to access the requested resource. In other words, the server understands the request, but it is explicitly denying access to the client.
  • 404 - Not Found : This code says that the server could not find the requested resource at the specified URL. It's one of the most common HTTP status codes and is returned when a client requests a resource or URL that doesn't exist on the server.
  • 405 - Method Not Allowed : This code says that the client's request method (HTTP verb) is not supported or allowed for the requested resource. In other words, the server understands the request, but it cannot fulfill it using the HTTP method specified by the client.
  • 406 - Not Acceptable : This code says that the server cannot produce a response matching the list of acceptable media types specified in the client's request headers. In other words, the client has requested specific content types or formats using the "Accept" header, but the server cannot provide a response that matches any of those types.
  • 407 - Proxy Authentication Required : This code says that the client must authenticate itself with a proxy server before the proxy server can forward the client's request to the destination server. In other words, this status code is used when a proxy server requires authentication to access the internet or forward the client's request.
  • 408 - Request Timeout : This code says that the client's request took too long to complete, and the server terminated the connection or request due to the timeout. In other words, the server did not receive the entire request from the client within a specified time frame.
  • 409 - Conflict : This code says that the client's request could not be completed because it would result in a conflict with the current state of the target resource. In other words, the server is indicating that there is a conflict between the client's request and the resource's current state, and the request cannot proceed until the conflict is resolved.
  • 410 - Gone : This code says that the requested resource is no longer available on the server, and there is no forwarding address or alternative location. It differs from the "404 Not Found" status code in that it specifically indicates that the resource has been intentionally removed and is not expected to return.
  • 411 - Length Required : This code says that the client's request is missing a "Content-Length" header or has provided an invalid or zero content length. This status code is typically used when a server requires that requests with a message body (e.g., POST or PUT requests) must include a valid "Content-Length" header to specify the size of the message body.
  • 412 - Precondition Failed : This code says that a specific condition set by the client in the request headers has not been met on the server. This condition, often expressed as an "If-Match" or "If-None-Match" header, allows clients to perform conditional requests, ensuring that their actions are based on the current state of the resource.
  • 413 - Payload Too Large : This code says that the server has refused to process the client's request because the request entity (usually the request body) is larger than the server is willing or able to handle. In other words, the server has received a request with a payload that exceeds its specified size or limits.
  • 414 - URI Too Long : This code says that the Uniform Resource Identifier (URI) provided in the client's request is too long for the server to process. In other words, the requested URL is longer than the server is willing or able to handle.
  • 415 - Unsupported Media Type : This code says that the server refuses to accept the client's request because the media type or format of the request's payload (e.g., the request body) is not supported by the server or resource. In other words, the server cannot process the provided data in the format that the client sent.
  • 416 - Range Not Satisfiable : This code says that the server cannot fulfill the client's request for a specific range of a resource because the requested range is not satisfiable. This status code is used in conjunction with the "Range" header, typically in a "Range" GET request, to request a specific portion or range of a resource.
  • 417 - Expectation Failed : This code says that the server cannot meet the expectations set by the "Expect" header in the client's request. The "Expect" header is typically used by the client to specify certain conditions that it expects the server to fulfill during the processing of the request.
  • 418 - I'm a Teapot : It is defined in the "Hyper Text Coffee Pot Control Protocol" (HTCPCP) as an April Fools' joke by the Internet Engineering Task Force (IETF). This status code is not meant to be taken seriously and is not part of the standard HTTP/1.1 specification.
  • 419 - Page Expired : It is not a standard HTTP status code defined by the official HTTP/1.1 or HTTP/2 specifications. However, it is a status code that is sometimes used in web applications and frameworks to indicate that a web page or resource has expired and is no longer available.
  • 420 - Method Failure or Enhance Your Calm : It is not part of the official HTTP/1.1 or HTTP/2 specifications. Instead, it is sometimes used humorously or as an unofficial status code in certain contexts, typically to convey a light-hearted or playful message to clients or users.
  • 421 - Misdirected Request : This code says that the request was directed to a server that is not able to produce a response for the requested resource. This status code is typically used in situations where a server receives a request intended for a different server or destination.
  • 422 - Unprocessable Entity : This code says that the server understands the client's request, but the request could not be processed due to semantic errors or validation failures in the request payload. This status code is often used in the context of web APIs and represents a client error caused by issues with the content of the request.
  • 423 - Locked : This code says that the requested resource is currently locked and cannot be accessed or modified. It is used to prevent concurrent access or modification of a resource by multiple clients or to indicate that the resource is temporarily unavailable due to a lock.
  • 424 - Failed Dependency : This code says that the request cannot be completed because it relies on the successful execution of one or more previous requests, and one or more of those requests failed. This status code is often used in the context of web distributed authoring and versioning (WebDAV) or other systems involving dependencies between requests.
  • 425 - Too Early : This code says that the server refuses to fulfill the request because it is considered too early in the request-response sequence. This status code is used in the context of the "SIP (Session Initiation Protocol) Outbound" framework, which is used for managing sessions in VoIP (Voice over IP) and multimedia communication.
  • 426 - Upgrade Required : This code says that the client must upgrade to a different protocol version to access the requested resource. This status code is used when the server requires the client to use a newer or more secure protocol to communicate.
  • 428 - Precondition Required : This code says that the server requires the client to include specific preconditions in the request headers before it can process the request. These preconditions are used to ensure that the client's request is based on certain conditions being met, such as resource versions or ETags.
  • 429 - Too Many Requests : This code says that the client has sent too many requests in a given time frame to the server or resource. This status code is used to limit the rate at which clients can make requests to a server or resource to prevent overloading or abuse.
  • 430 - HTTP Status Code : It is IETF (Internet Engineering Task Force) draft code.
  • 431 - Request Header Fields Too Large : This code says that the server refuses to process the request because one or more of the request headers sent by the client are too large. This status code is used when the combined size of the request headers exceeds the server's configured or allowed limit.
  • 440 - Login Time-Out : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Microsoft-specific client error that is sent when a client’s HTTP session has expired and needs to log in.
  • 444 - No Response : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code. This error code can be found nginx logs but code will not sent to client.
  • 449 - Retry With : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Microsoft-specific client error that is sent when server can not satisfy the request.
  • 450 - Blocked by Windows Parental Controls : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Microsoft-specific client error that is sent when the parental controls are turned on and are blocking to the requested resource.
  • 451 - Unavailable For Legal Reasons : This code says that the server refuses to provide the requested resource due to legal reasons or legal restrictions. This status code is used when the server is legally required to deny access to a resource, often due to issues related to censorship or compliance with laws and regulations.
  • 460 - Client Closed Connection Prematurely : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a AWS Elastic Load Balancer specific error.
  • 463 - Too Many Forwarded IP Addresses : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a AWS Elastic Load Balancer specific error.
  • 464 - Incompatible Protocol : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a AWS Elastic Load Balancer specific error.
  • 494 - Request Header Too Large : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a nginx specific error.
  • 495 - SSL Certificate Error : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a nginx specific error.
  • 496 - SSL Certificate Required : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a nginx specific error.
  • 497 - HTTP Request Sent to HTTPS Port : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a nginx specific error.
  • 498 - Invalid Token : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a ArcGIS specific error.
  • 499 - Token Required or Client Closed Request : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a ArcGIS specific error.

Server Error Class (5XX)

These codes are under the server error class. These codes say that the request was not completed by the server and there was an error on the server's side while processing the request.

  • 500 - Internal Server Error : This code says a generic error on the server's side. It is a catch-all status code used to inform the client that something unexpected and wrong has occurred on the server, preventing it from fulfilling the request.
  • 501 - Not Implemented : This code says that the server does not support or has not implemented the functionality required to fulfill the client's request. In other words, the server does not recognize the request method or cannot perform the requested operation.
  • 502 - Bad Gateway : This code says that a server acting as a gateway or proxy received an invalid response from an upstream server while attempting to fulfill the client's request. In simpler terms, it typically means that one server (e.g., a proxy server or gateway) is trying to access another server (an origin server) to complete the client's request, but the upstream server is not responding correctly or is down.
  • 503 - Service Unavailable : This code says that the server is temporarily unable to handle the request. This status code is used to inform the client that the server is currently unable to fulfill the request due to various reasons, such as server maintenance, overloading, or temporary unavailability.
  • 504 - Gateway Timeout : This code says that a server acting as a gateway or proxy did not receive a timely response from an upstream server or endpoint that it was trying to access. In simpler terms, it typically means that one server (e.g., a proxy server or gateway) is trying to access another server (an origin server or endpoint) to complete the client's request, but the upstream server did not respond within a reasonable time frame.
  • 505 - HTTP Version Not Supported : This code says that the server does not support or refuses to support the major HTTP protocol version used in the request. This status code is used to inform the client that the server cannot process the request because it uses an HTTP version that is not recognized or supported by the server.
  • 506 - Variant Also Negotiates : This code says that the server has an internal configuration issue related to content negotiation and cannot select an appropriate representation of the requested resource.
  • 507 - Insufficient Storage : This code says that the server is unable to store the representation needed to complete the client's request. This status code is typically used in situations where the server has exhausted its storage capacity or quota.
  • 508 - Loop Detected : This code says that the server detected an infinite loop while processing the client's request. In other words, the server recognized that the request is causing a repeated or circular redirection, and it terminates the request processing to prevent the loop from continuing indefinitely.
  • 509 - Bandwidth Limit Exceeded : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is Apache Web Server and cPanel specific error.
  • 510 - Not Extended : This code says that the client's request requires further extensions or additions to be completed successfully. In other words, the server understands the client's request but needs the client to provide additional information or specify required extensions for the request to be fulfilled.
  • 511 - Network Authentication Required : This code says that the client must authenticate itself to the network before it can successfully access the requested resource. This status code is specifically used when the client needs to provide network-level authentication credentials to access the resource, even if it has already been authenticated at the application layer.
  • 520 - Web server is returning an unknown error : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 521 - Web server is down : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 522 - Connection timed out : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 523 - Origin is unreachable : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 524 - A Timeout Occurred : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 525 - SSL handshake failed : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 526 - Invalid SSL certificate : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 527 - Railgun Listener to Origin : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare specific error.
  • 529 - The service is overloaded : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Qualys specific error.
  • 530 - Site Frozen : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a Cloudflare and Pantheon specific error.
  • 561 - Unauthorized : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is a AWS Elastic Load Balancer (561 Unauthorized) and Pantheon (561 No site detected) specific error.
  • 598 - Network read timeout error : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is used b some proxies.
  • 599 - Network Connect Timeout Error : It is not part of the official HTTP/1.1 or HTTP/2 specifications. It is not a recognized or standardized HTTP status code.It is used b some proxies.