HTTP Status Codes
Status codes are a 3 digit number sent by the web-server to the client which indicate how the webserver handled the request
Types of Codes: Indicated by the first digit of the code
| Code | Description |
|---|---|
| 1xx | Informational: Request was received, and is still processing |
| 2xx | Success: Request was received, understood and accepted |
| 3xx | Redirection: Further action required |
| 4xx | Client Error: The request has bad syntax or cannot be fulfilled |
| 5xx | Server Error: The server failed to fulfill a seemingly valid request |
Informational
| Code | Description |
|---|---|
| 100 | Continue: Server reported OK, and to continue request |
| 101 | Switching Protocols: Requestor has asked server to switch protocols and server has agreed |
| 102 | Processing: Server is processing the request, no response available yet |
| 103 | Early Hint: Lets agent start preloading resource while server processes response |
Success
| Code | Description |
|---|---|
| 200 | OK - The GET/HEAD/PUT/POST/TRACE was successful |
| 201 | Created: Request has succeeded and new resource created |
| 202 | Accepted: Server has received the request and accepted it |
| 203 | Non-Authoritative Information: Request way ok, but request has been modified |
| 204 | No Content: There is no content to send for this request |
| 205 | Reset Content: client should reset the document which sent request |
| 206 | Partial Content: Only part of content returned to client as requested |
| 207 | Multi-Status: Information avaliable for multiple resources (WebDAV) |
| 208 | Already Reported: (WebDAV) |
| 226 | IM Used: Server has fulfilled a request with a result of one or more instance-manipulations |
Redirection
| Code | Description |
|---|---|
| 300 | Multiple Choice: Multiple possible responses, user-agent or user should choose one of them |
| 301 | Moved Permanently (redirect): Resource has moved, user-agent should update to new address |
| 302 | Found (Previously "Moved Temporarily"): Location has temporarily changed URL |
| 303 | See Other: Client should get requested resource at another location with a GET request |
| 304 | Not Modified: Cached version has not changed on server, can still use |
| 305 | Use Proxy (Deprecated): Requested content must be accessed by a proxy |
| 306 | Reserved |
| 307 | Temporary Redirect: Location has changed, must send request to new server with same HTTP method |
| 308 | Permanent Redirect: Location has Permanently changed, must send request to new server with same HTTP method |
Client Error
| Code | Description |
|---|---|
| 400 | Bad Request: Server didn't understand request due to syntax error |
| 401 | Unauthorized: User does not have authorisation to access resource, or is blocked |
| 402 | Payment Required (Future Use) |
| 403 | Forbidden: The server has explicitly denied the operation (Possibly ModSec) |
| 404 | Not Found: Resource on server does not exist |
| 405 | Method Not Allowed: Request rejected, ie DELETE a file |
| 406 | Not Acceptable: Criteria for request not met or rejected |
| 407 | Proxy Authentication Required |
| 408 | Request Timeout: Responce to request not received in expected time |
| 409 | Conflict: Server is unable to furfile request due to it's current state |
| 410 | Gone: File has been removed from server and should be removed from clients index |
| 411 | IM Used: Length Required |
| 412 | Precondition Failed: Server does not meet conditions set in header |
| 413 | Payload Too Large: Request to large |
| 414 | URI Too Long |
| 415 | Unsupported Media Type: Server rejected the file type requested |
| 416 | Range Not Satisfiable: Range field in header can't be fulfilled |
| 417 | Expectation Failed: Server can not meet criteria set in the 'EXPECT' header feild |
| 418 | I'm a teapot: Server has refused request for an unspecified reason |
| 421 | Misdirected Request: Redirected server cannot handle request |
| 422 | Unprocessable Entity: WebDAV |
| 423 | Locked: WebDAV |
| 424 | Failed Dependency: WebDAV |
| 425 | Too Early: (Experimental) Server does not want to process a request which may be a replay |
| 426 | Upgrade Required: Server refused request, but might complete it if done over a different protocol (ie over a secure protocol) |
| 428 | Precondition Required: Request required to be conditional, designed to prevent 'Lost Updates' |
| 429 | Too Many Requests: To many requests received, throttled |
| 431 | Request Header Fields Too Large |
| 451 | Unavailable For Legal Reasons: Unavaliable, such as goverment censorship or organisation filter |
Server Error
| Code | Description |
|---|---|
| 500 | Internal Server Error: ie Coding Error, Out of Memory |
| 501 | Not Implemented: Request method not implimented on server |
| 502 | Bad Gateway: Invalid response received by server |
| 503 | Service Unavailable: Out of Resources, High-Load, Misconfiguration |
| 504 | Gateway Timeout: Server acting as a gateway did not get a response in time |
| 505 | HTTP Version Not Supported: Very early implimentations blocked for security |
| 506 | Variant Also Negotiates: Server Error |
| 507 | Insufficient Storage: WebDAV |
| 508 | Loop Detected: WebDAV |
| 510 | Not Extended: Extensions to request needed |
| 511 | Network Authentication Required: Client needs to authenticate to gain network access |
Additional Non Standard Codes
| Code | Description |
|---|---|
| 218 | Apache Web Server: This is fine, catch all |
| 430 | Shopify: To many requests, rate-limited |
| 450 | Microsoft: Blocked by Windows Parental Controls |
| 509 | Apache Web Server/cPanel: Bandwidth Quota exceeded |
| 520 | Cloudflare: Web Server Returned an Unknown Error |
| 521 | Cloudflare: Origin Web Server Is Down |
| 522 | Cloudflare: Connection Timed Out |
| 523 | Cloudflare: Origin Is Unreachable, ie bad DNS Record |
| 524 | Cloudflare: Timeout Occurred |
| 525 | Cloudflare: SSL Handshake Failed with Origin Server |
| 526 | Cloudflare: Invalid SSL Certificate |
| 527 | Cloudflare: Railgun Error |
Supported By Air-Gap