September 28, 2021

Types of HTTP Status Codes and What They Mean

Understanding the different types of status codes can help you troubleshoot problems on your site more quickly.

Every time you type in a URL name in the browser and press enter, submit a form, or click on a link, you’re sending a request for information to the server where it is hosted. When the request is received by the server, it sends back an HTTP answer as a message response, letting you know if the request was successful or not.

Understanding status codes may not seem significant from a regular web user point of view, but they are important to diagnose website issues. Recognising and analyzing issues is crucial to rank well in search engines, and provide a good user experience, and therefore reviewing status codes reported by the server is a task that must be done.

What is HTTP Status Code?

An HTTP status code is a way of communicating between the client, via the internet browser (requesting the information) and the server (responding back with an answer). This way of communicating between the client and the server it is known as HTTP (Hypertext Transfer Protocol).

When you type a URL address in the browser or click on a link, you’re sending an HTTP request from your computer to the server where the website is hosted, asking the server to send you a response back containing the information requested.

alt text

Responses from the server are the vast majority of the time successful, and therefore invisible to us (we won’t see a Status Code); but when the answer from the server has some sort of issue, it will send an HTTP Status Code as a response to indicate the type of error it is having. Most users have seen these response codes at some point, like the response code 404 - which indicates that the page was not found. This is probably one of the most common error codes an average user will see. Normally, we won’t give any importance to these kinds of codes, other than thinking how frustrating it is not being able to access that site, form, or link, when you need it.
But for a developer or business owner, understanding what each type of error code means, is critical to diagnose the website’s health and fix any issues.

List of Status Codes

There are over 40 different types of status codes to inform you if the request you made to the server was successful, failed, or encountered any other problems. The official list of Status Codes is maintained by the Internet Assigned Numbers Authority (IANA).

Any individual, engineer, or computer scientist can propose a new set of status codes by sending an official Request for Comments (RFC), and the IEFT is in charge of reviewing and approving new codes.

The HTTP status codes are organized in 5 groups. The first digit of the status code defines the class of response. The next two digits do not have any categorizing role in further defining the status code to a specific response. Below you’ll find a list of status codes, and some scenario use cases.

1xx Status Codes - Informational

These class codes lets you know that the request was received, but for some reason is still in process. It does not necessarily indicate that there’s a problem, it is more of an informative code.

100 (Continue)

It means that the initial part of a request has been received and has not yet been rejected by the server. The server will send a final response once it has been fully received.

The lowest HTTP Code number, and the most complex to explain...Let’s assume that the caffeine from your morning coffee haven’t kicked in yet, so let's move on to easier ones :), like the 200.

101 (Switching Protocols)

The server will comply with the client’s request to switch to a different HTTP protocol.

2xx Status Codes - Success

The 2xx class code means that the request was successfully received, understood, and accepted.

200 (OK)

Means that the request is OK. It is a standard response for successful HTTP requests.

This is the most-common HTTP code ever. Every time you click on a link (as long as the link is working), the response from the server is an HTTP Code 200.

201 (Created)

Means that the request has been fulfilled, and a new resource is created.

For example, imagine that you are filling a form to get in touch with support. Internally, this form might create a ticket, therefore in this example when you send the form, the server will return “OK, the ticket has been created”.

202 (Accepted)

The request has been accepted for processing, but not completed.

Let's imagine that you are making a payment with a credit card. This payment requires contact with the bank and this can take time, and the developer team might not know exactly how long the payment will take. In this hypothetical situation it is OK to send a 202 Accepted code, allowing the request to be sent and accepted, knowing that at least the reception of the payment data has been OK - although in this example we don’t yet know if the payment has been successful!

203 (Non-Authoritative Information)

Means that the request has been successfully processed, but the information sent back is from another source, rather than the original server.

This nearly means that there is a piece of software (ie. a Proxy) that has modified the response, meaning that what you are seeing in the browser is not the original content.

204 (No Content)

Means that the request has been successfully received and processed, but there’s no need to send data back in the response payload body.

The request is technically OK, but the response actually does not return any human-readable information. This really just makes sense to developers, as in some cases you need this state when you are developing software.

205 (Reset Content)

Means that the request has been processed, but it is not returning any content, and it requires that the requester reset the document view.

Basically, the browser needs to be refreshed...

206 (Partial Content)

As per the client request, the server is returning only part of the resource.

If the human-readable content is too large, there are several options to create pagination. This might be the one that the developer chooses.

3xx Status Codes - Redirection

The 3xx means that the request was received, but redirected somewhere else and therefore further action needs to take place.
These codes are usually applied to SEO and to optimize the speed of the website from the browser’s point of view.

300 (Multiple Choices)

The resource has moved, and it gives the client multiple choices to be redirected to.

Is the movement temporary or permanent? This code is rarely used, and therefore one would use 301 (permanently) or 302 (temporarily) instead of the 300.

301 (Moved Permanently)

The page has been moved permanently to a new URL.

For example, you created the page ** and now you decide to change it to **. This means that you are permanently changing the URL, and you want to tell all search engines (SEO) that this URL has changed.

302 (Found)

Means that the requested resource has been changed temporarily.
In the future it should continue using the URL to fetch the same resource. Search Engines (SEO) won’t update the link.

303 (See Other)

The status code tells the client to request the information from another resource.

Well, imagine that you are uploading a file. This file might not be uploaded yet, but you are showing some sort of progress bar. In this case, while you are showing the progress bar and not the actual file that you are uploading, a 303 (See Other) might be used.

304 (Not Modified)

Means that the requested page hasn’t been modified since the last request.

Let's imagine an example about your website logo. Every time a user accesses a page from your website, the logo needs to be downloaded and displayed. If you optimize the website correctly, you will use browser cache, and the browser will keep a local copy of the resource. The HTTP code 304 tells the browser that the local copy is still OK to use.

305 (Switch Proxy)

Is not used anymore.

307 (Temporary Redirect)

Means that the requested page has been moved to a new URL temporarily.

If you are using GET, you need to use 302, but if you are using PUT, you need to use 307, and if you are lost … you can really skip this one :D

4xx Status Codes- Client Error

These errors are considered problems. The page could not be reached due to a bad syntax or because it cannot be fulfilled. These are one of the worst codes as visitors won’t be able to access your website if they get these types of errors.

400 (Bad Request)

The request can’t be fulfilled because of bad syntax.

Imagine that there is a form that requires an email address. And you forget the ‘@’ in the email. The server might tell you ‘400 Bad Request’, and hopefully the developer has designed the UI to tell you exactly why the request is bad (a human-readable message such as like ‘email is not correct’).

401 (Unauthorized)

The request is valid, but the server is refusing to answer. The client must authenticate itself to get a response.

Have you ever chosen a URL in your browser’s history, and the browser just sent you to a screen where you need to log in? It is very likely that internally a code 401 has occurred, and the browser is smart enough to tell you what you need to do to proceed, which in this hypothetical case is to log in.

402 (Payment Required)

This code is officially reserved for future use. It was originally intended for using it in digital payments.

This is a good example of a really cool idea that could make sense, everybody agrees, the RFC is written, it gets popular and approved, and then … you realize that you actually don’t need it. So, yes “reserved for future use” … it sounds better than “Ops ...”

403 (Forbidden)

Means that the request is valid, but for some reason, the server is refusing to answer.

You are on a website, you are authenticated, all seems good… but no, you still don’t have access to this link. Maybe you are a normal user trying to access the admin site? (well, hopefully it is an honest mistake).

404 (Not Found)

This is one of the most shown and encountered codes. It means that the requested resource is not available or cannot be found. The server doesn’t know if this is temporary or permanent status.

The 404 code, for some reason, is one of the most visible codes. Websites tend to be very **[creative](** with the 404 page.

405 (Method not Allowed)

The request was done using a method that is not supported for the requested resource.

Imagine that you want to read the content of a link (GET) but somehow you are requesting the website to update the content of that link (POST) and well...this cannot happen. So yes, the method is not allowed. And also, it is not your fault, it is the developer’s fault...

406 (Not Acceptable)

It indicates that the server understood the request, but the answer is not supported or understood by the client.

When you are navigating to the browser, the browser sends more information with the request. A piece of data is what type of information it can show to the human behind the screen: HTML, maybe a PDF. If the browser does not provide a format that the server can generate, then the request is 406 - Not Acceptable for the server.

407 (Proxy Authentication Required)

The client must first authenticate itself with the proxy before the request can proceed.

408 (Request Timeout)

Means that the server timed out waiting for the request.

Imagine you are navigating on a website, you open a connection with the server (click on a link, or upload a file), and for some strange reason the server just got tired of waiting for the whole request, hence it let the browser know that it is no longer waiting.

409 (Conflict)

Means that the request cannot be completed, due to a conflict with the server.

Scenario: You clicked on the payment button twice! Hopefully the developer was smart enough and realized that there is an unfinished payment request for that order, and the second request is rejected because there is a 409 - Conflict.

410 (Gone)

This status is similar to the 404. It tells us that the requested resource is no longer available on the server. It has been removed and no longer available. It does not indicate an alternative URL of where to find the information.

You clicked on a link, and the resource is 410 - Gone. Somebody just deleted it, and the developer is letting you know that not only does it not exist (which could be the HTTP code 404) but that it was a valid resource which is not available anymore. It just provides a bit more of information.

411 (Length Required)

The server rejects the request because it did not specify the length of its content in the Content-Length header field.

You are trying to upload a document, and you don’t specify how big the document is. Well, it is a bug from the developers, but as well, your browser should tell how big the document is if the website should consider uploading it!

412 (Precondition failed)

The client specified preconditions in the request, which the server does not meet.

413 (Request Entity too Large)

Means that the request won’t be processed for being larger than what the server accepts or allows.

The file that you are trying to upload is too large for the system. Just create a ticket-bug so that the developer can address the issue.

414 (Request-URI too Long)

It indicates that the URL is too long, and the server won’t process it.

For example, this code can be used as a protection for developers. There is a crazy wild 300 redirection loop happening, which does not work, but the request is happening over and over again, and the browser URL is getting larger in each iteration. The code helps protect the developers.

415 (Unsupported Media Type)

Means that part of the request is in an unsupported format, and therefore the server won’t accept the request.

Are you trying to upload an image that is in a Word document? The server does not know what to do. Sorry, Unsupported Media Type.

416 (Requested Range Not Satisfiable)

The client asked for a part of the file, but the server cannot supply that part.

The developer wanted to use 206-Partial Content to paginate because the response is way too large, but there is a bug and the pagination does not work. Maybe there are just 15 pages, and you are asking for page 16!

417 (Expectation Failed)

Means that the server cannot meet the requirements indicated in the “Expect” header of the request.

This code is not often used. It is related with the code 100. If you are sending a request, and you are expecting the response to a code 100, but it fails...then... 417 - Expectation failed.

421 (Misdirected Required)

The request was directed at a server that is not able to produce a proper response.

There is a weird low-level bug with the servers. Just contact the developer.

426 (Upgrade Required)

It indicates to the client that it must use a different protocol in order to send a request to the server.

Did you like the Iphone 5? What about Iphone 6? Like the Iphone, the HTTP protocol also has versions. If the browser is requesting to speak with the server with the HTTP version 1.1 but the server only understands HTTP version 2, it will tell the browser to 426 - Upgrade Required to the version 2.

5xx Status Codes - Server Error

The 5xx are also considered to be problems. In this case, it is the server who couldn’t fulfil the request. As these are server related, if you get one of these errors, you should immediately contact your hosting provider unless you’re self-hosting.

500 (Internal Server Error)

It indicates that the server encountered an error that does not know how to handle it, and therefore, unable to complete the request.

Something really wrong happened. Time to pick up the phone, to write a ticket, send an email, a pager, whatsapp, telegram… whatever means you want to use to communicate, but a developer is required to fix this stuff.

501 (Not Implemented)

Means that the request is not supported by the server and cannot be completed.

Did we say that 500 - Internet Server Error was trouble? Not really if we compared it to 501, which is even more trouble. This doesn't mean that the application is crashing, it is that the HTTP server does not know where to start. "Red Flag. Fire. Developer required".

502 (Bad Gateway)

The server was acting as a gateway or proxy and it received an invalid response from the upstream server.

When there is a lot of traffic, one server is not enough. For that reason, you attempt to configure multiple servers, or you might have different servers working in the same application. When you have a 502 - Bad Gateway, the proxy that is managing all those servers is not configured correctly, or something really wrong is happening behind the scenes. Did I mention that there is a light chance that you need to contact the developer?

503 (Service Unavailable)

The status code indicates that the server is not available now due to overload.

You have multiple servers to handle your application, but none of them are available for the request. The 503 - Service is Unavailable.

504 (Gateway Timeout)

The error is shown when a server acting as a gateway or proxy, can’t get a response in time from the upstream server.

You have multiple servers working for a website. But the final server which has to do the work is way too slow - usually because of the server load (but there might be other reasons). So the backend server times out … and, yes, 503 - Service Unavailable.

505 (HTTP Version Not Supported)

Indicates that the HTTP protocol version used in the request is not supported by the server, and therefore cannot process the request.

While in 426 - Upgrade Required you were using the HTTP Version 1.1 and the server is running in HTTP Version 2, it requested an upgrade. This is just the opposite. You are requesting the HTTP Version 2 and this server does not even know what it is, so …. HTTP Version Not Supported.

How to check the HTTP status code

Every time you request information to a server, it responds with a status code. Like we mentioned, most of these codes are never seen by the user as they are only viewable within the network. There are only a few exemptions made as with 404 - Page Not Found, or 502 - Bad Gateway.

Viewing the response code of a page can be manually done in the browser, or by using specific tools, and website crawlers. Checking the response code will vary from browser to browser, and therefore accessing the status code will differ slightly.

Checking HTTP Status Code in Chrome

  1. Enter the URL in the browser;
  2. Open the Chrome Menu (upper-right-hand corner of the browser window) and select More Tools > Developer Tools; or right click anywhere in the page, and select “Inspect” to open the Developer Tools;
  3. Go to the Network tab;
  4. Refresh the page;
  5. You’ll see a list of requests, and the status code.

alt text

Checking HTTP Status Code in Mozilla

  1. Open the Mozilla browser and type in the URL you want to check;
  2. Right click anywhere and select Inspect;
  3. Select the Network tab and reload the page;
  4. You’ll see a list and the status with the code.

alt text

Each type of software, or company can create their own status codes, but they are not officially recognised by the IANA.

If you want to have a more detailed understanding of HTTP status code, you can find further information on the RFC 7231.

With MeerkatWatch monitoring, you can see the most common HTTP Error Codes to help you analyze what is causing you downtime.