List of HTTP status codes

You see HTTP status codes everyday, but do you know what they mean?

What are HTTP status codes?


An HTTP status code is a server response to a browser’s request. When you visit a website, your browser sends a request to the site’s server, and the server then responds to the browser’s request with a three-digit code: the HTTP status code.


These status codes are the Internet equivalent of a conversation between your browser and the server. They communicate whether things between the two are A-okay, touch-and-go, or whether something is wrong. Understanding status codes and how to use them will help you to diagnose site errors quickly to minimize downtime on your site. You can even use some of these status codes to help search engines and people access your site;  a 301 redirect, for example, will tell bots and people that a page that has moved somewhere else permanently.


The first digit of each three-digit status code begins with one of five numbers, 1 through 5; you may see this expressed as 1xx or 5xx to indicate status codes in that range. Each of those ranges encompasses a different class of server response.


The most common HTTP response code classes


1xxs – Informational responses: The server is thinking through the request.

2xxs – Success! The request was successfully completed and the server gave the browser the expected response.

3xxs –Redirection: You got redirected somewhere else. The request was received, but there’s a redirect of some kind.

4xxs – Client errors: The 4xx class of status code is intended for cases in which the client seems to have erred. The server should include (except when responding to a HEAD request) an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. These status codes are applicable to any request method. If the client is sending data after the server closes the input connection, the server's TCP stack will send a reset packet to the client and it may erase the client's unacknowledged input buffers before they can be read and interpreted by the HTTP application.

5xxs – Server errors: Failure. Response status codes beginning with the digit "5" indicate cases in which the server is aware that it has erred or is incapable of performing the request.These response codes are applicable to any request method.



HTTP status code list



HTTP Status Code 400 - Bad request

The server could not understand the request because the syntax was improper. This is a general error that you get if fulfilling the request would cause an invalid state, for example in the case of domain validation errors, missing data, etc. The client should not repeat the request without modification.



HTTP Status Code 401 - Unauthorized

This error code is a response for missing or invalid authentication token. The request requires user authentication.Similar to 403 Forbidden, but specifically for use when authentication is possible but has failed or not yet been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.



HTTP Status Code 402 - Payment Required

This code is reserved for future use in connection with digital cash or micropayment transactions. (Exception: Apple's MobileMe service, which is currently using the code in case of account errors.)



HTTP Status Code 403 - Forbidden

A legal request that is denied by the server. Authentication will make no difference, unlike with a 401 error. A 403 indicates that either the user is not authorized to perform the operation or the resources to do so are unavailable.



HTTP Status Code 404 - Not Found

Used when the requested resource is not found - it either does not exist or for security reasons, its existence is masked by the service. If you get this, the services does not wish to reveal why the request has been refused or no other response is applicable.



HTTP Status Code 405 - Method Not Allowed

The method of request is not supported. The response must include an allow header that contains a list of valid method for the resource requested.



HTTP Status Code 406 - Not Acceptable

The requested resource can only generate content that is not acceptable according the the accept headers sent with the request. Depending on the format and the capabilities of the user agent, the most appropriate option may be performed automatically. This specification, however, does not define any standard for such automatic selection.



HTTP Status Code 407 - Proxy Authentication Required

The clients must first authenticate itself with the proxy. Similar to code 401 (unauthorized), but indicates the above. They client may repeat the request with a suitable proxy-authorization header field.



HTTP Status Code 408 - Request Timeout

The client did not produce a request within the time that the server was prepared to wait, i.e. the server timed out waiting for the request. The client may repeat the request without modifications at any later time.



HTTP Status Code 409 - Conflict

Indicates that the request could not be processed because of conflict in the request, such as an edit conflict. Conflicts are most likely to occur in response to a PUT request.



HTTP Status Code 410 - Gone

Indicates that the resource requested is no longer available and will not be available again. This response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable and that the server owners desire that remote links to that resource be removed.



HTTP Status Code 411 - Length Required

The request did not specify the length of its content, though the server requires it. The client may repeat the request if it adds a valid content-length header field.



HTTP Status Code 412 - Precondition Failed

The server does not meet one of the preconditions that the requester put on the request. This response allows the client to place preconditions on the current resource metadata (header field data) so that the requested method won't be be applied to a resource other than the one intended.



HTTP Status Code 413 - Request Entity Too Large

The request is larger than the server is willing or able to process. If the condition is temporary, the server should include a retry-after header field to indicate that it is temporary only and after what time the client may try again.



HTTP Status Code 414 - Request-URL Too Long

The URI provided was too long for the server to process. This rare condition is only likely to occur when a client has improperly converted a POST request to a GET request with long query information, when the client has descended into a URI "black hole" of redirection.



HTTP Status Code 415 - Unsupported Media Type

The server is refusing to service the request because the entity of the request is in a format not supported by the requested resource for the requested method. For example, the client uploads an image as image/svg+xml, but the server requires that images use a different format.



HTTP Status Code 416 - Requested Range Not Satisfiable

The client has asked for a portion of the file, but the server cannot supply that portion. For example, if the client asked for a part of the file that lies beyond the end of the file. When this status code is returned for a byte-range request, the response should include a content-range entity-header field specifying the current length of the selected resource. This response must not use the multipart/byteranges content- type.



HTTP Status Code 417 - Expectation Failed

The server cannot meet the requirements of the Expect request-header field because it has unambiguous evidence that the request could not be met by the next-hop server.



HTTP Status Code 421 - Misdirected Request

The request was directed at a server that is not able to produce a response (for example because a connection reuse).



HTTP Status Code 426 - Upgrade Required

The 426 Upgrade Required status code allows a server to definitively state the precise protocol extensions a given resource must be served with. The client should switch to a different protocol such as TLS/1.0.



HTTP Status Code 428 - Precondition Required

The 428 status code indicates that the origin server requires the request to be conditional. Intended to prevent "the "lost update" problem, where a client GETs a resource's state, modifies it, and PUTs it back to the server, when meanwhile a third party has modified the state on the server, leading to a conflict.



HTTP Status Code 429 - Too Many Requests

The 429 status code indicates that the user has sent too many requests in a given amount of time. When a server is under attack or just receiving a very large number of requests from a single party, responding to each with a 429 status code will consume resources.



HTTP Status Code 431 - Request Header Fields Too Large

The server is unwilling to process the request because either an individual header field, or all the header fields collectively, are too large. Servers are not required to use the 431 status code; when under attack, it may be more appropriate to just drop connections, or take other steps.



HTTP Status Code 440 - Login Timeout

The client's session has expired and must log in again.



HTTP Status Code 451 - Unavailable For Legal Reasons

Intended to be used when resource access is denied for legal reasons, e.g. censorship or government-mandated blocked access. A reference to the 1953 dystopian novel Fahrenheit 451, where books are outlawed, and the autoignition temperature of paper, 451°F.



HTTP Status Code 500 - Internal Server Error

A generic error message, given when no more specific message is suitable. The general catch-all error when the server-side throws an exception.



HTTP Status Code 501 - Not Implemented

The server does not support the functionality required to fulfill the request because it does not recognize the request method and it is not capable of supporting it for any resource.



HTTP Status Code 502 - Bad Gateway

The server was acting as a gateway or proxy and received an invalid response from the upstream server.



HTTP Status Code 503 - Service Unavailable

The server is currently unavailable (because it is overloaded or down for maintenance). This is usually a temporary state. The existence of the 503 status code does not imply that a server must use it when becoming overloaded. Some servers may wish to simply refuse the connection.



HTTP Status Code 504 - Gateway Timeout

The server was acting as a gateway or proxy and did not receive a timely response from the upstream server. Note to implementers: some deployed proxies are known to return 400 or 500 when DNS lookups time out.



HTTP Status Code 505 - HTTP Version Not Supported

The server does not support the HTTP protocol version used in the request. The server is indicating that it is unable or unwilling to complete the request using the same major version as the client. The response should contain an entity describing why that version is not supported and what other protocols are supported by that server.



HTTP Status Code 506 - Variant Also Negotiates (Experimental)

The 506 status code indicates that the server has an internal configuration error: the chosen variant resource is configured to engage in transparent content negotiation itself that results in a circular reference.



HTTP Status Code 510 - Not Extended

The 510 response means that further extension to the request are required for the server to fulfill it since the policy for accessing the resource has not been met in the request. The client may present any entity included in the 510 response to the user, since that entity may include relevant diagnostic information.



HTTP Status Code 511 - Network Authentication Required

The 511 status code indicates that the client needs to authenticate to gain network access.The response representation should contain a link to a resource that allows the user to submit credentials (e.g. with a HTML form). The 511 status should not be generated by origin servers; it is intended for use by intercepting proxies that are interposed as a means of controlling access to the network. Responses with the 511 status code must not be stored by a cache.

Guides, cheatsheets and tips about the increasingly important role of images in modern web design. Follow me on Twitter and Facebook too, for more handy content!

You might also like
Two-factor vs. two-step authentication - what is the difference? 1 min read
These expressions get thrown around a lot, but it is not something that should be confused - and here's why.
JPG vs. JPEG image formats 1 min read
JPEG or JPG stands for Joint Photographic Experts Group and it is a file format that is able to store images.
Press kit - what is it and how it helps your business? 2 min read
You have one shot only and you’d better choose your target cleverly.