HTTP Response Codes

HTTP response code are generated by a server when it receives a request. It contains codes from the IETF Request for comments (RFCs) as well as additional codes that are frequently used in applications of HTTP.

HTTP status codes: 404

HTTP status codes indicate. We’ll be taking a closer look at each has been completed. The responses are usually divided into five categories:

  • Informational Responses (100-199)
  • Responses that are successful (200-2999)
  • Redirects (300-3999)
  • Client errors (400-499)
  • Server errors (500-599)

The 1xx class status codes are informational. They indicate that a request has been received and understood. The status code 1xx is provisional and is used to indicate that the process is in progress. It tells the client that he must wait for a definitive response. These messages include the status line as well as the optional header fields.

The 2xx range indicates that the request was received, understood, and accepted. The 3xx range indicates that the client needs to take further action in order to fulfill the requested request. This code is used often in URL redirection.

The 4xx class status codes are for situations in which the error appears to have been caused or exacerbated by the client. These codes can be applied to any request method. User agents should show any included entity to users.

The 5xx code range refers to server errors codes. These codes indicate that the request was accepted but that the server was unable to fulfill the request.

There are many HTTP error codes but you will likely only encounter a few. Once you know what they mean, you will be able to identify the problem and fix it.

We will take a closer look to the HTTP response code and explain what they mean.

1. Information Responses

These HTTP response codes are used to provide more information and indicate that a process or request has been processed. Most of the HTTP status code in this range are not used as they describe seemingly simple processes. These HTTP status codes include 100: Continue meaning that the server will continue as usual. 102: Processing means that the request is being processed by either the client or the server (the client is the entity receiving the request). These two informational codes are part and parcel of the normal process. This is why Hypertext Transport Protocol (HTTP), response codes are necessary. These HTTP codes are used to track the data flow throughout the server’s performance. These HTTP status codes are essential for tracking the progress of a particular process. Log viewing becomes a guessing game without them. HTTP Response codes between 100 and 199 have the relevant usage.

100

This will let the client know that all is well and there are no issues. If the request is not yet complete, the client may ignore the response.

101 Switching protocols

This indicates that the code was sent as a response to a client’s upgrade request header. It also indicates which protocol the servers are switching to.

102 (WebDAV).

This code means that the server has received the request and is processing it. However, there is not yet a response.

103 Early Hints

This HTTP response code can be used primarily with the Link header. It allows the user agent to preload resources and the server to prepare a response.

2, Successive Responses

HTTP error code This family shows success in many forms. HTTP response codes 200-299 indicate good news. This means that the request was accepted, a new request was created or a problem has been solved. HTTP status codes from the older group serve as signs. HTTP status codes from the 200 group are go signals to take specific actions. 202: The client has accepted the request. Although the HTTP response code 202 doesn’t necessarily indicate that the request has been made, it does mean that it is being processed. Part of these HTTP status codes are 206: Partial content. This indicates that the request was partially fulfilled, but still met.

200 OK

This status code means that the request was successful. This status code indicates that the request was successful.

  • GET: The resource was fetched, and is being transmitted
  • HEAD: The entity headers are located in the message body
  • PUT or Post: The message body contains the resource that describes the outcome of the action.
  • TRACE: The message body includes the request message as received

201 Created

This means that the waste was successful and that a new resource was created. This response is usually sent following POST requests or some PUT requests.

202 Accepted

Although the request was accepted for processing, it has not been processed. The request could be processed and rejected if it is not. This can be used in cases where another server or process handles the request, or batch processing.

203 Non-Authoritative

This status code means that the metainformation returned is not exactly the same as what is available from the origin server. However, it is collected from either a local or third party copy. This code is useful for backing up another resource.

204

This status code indicates that there is no content being sent for a particular request. However, the headers might be useful. This status code may be updated by the user agent to replace its cached headers.

205 Reset Content

This status code allows the user agent to reset any document that was sent with the request.

206 Partially Content

This code is used to indicate that the Range header has been sent by the client in order to request only a portion of a resource.

Multi-Status (WebDAV),

This status code contains information that can be used to perform multiple operations independently. This message is by default an XML message. It can provide different response codes depending on how many subrequests were made.

208 Already Reported (WebDAV)

This is used in response elements to avoid having to repeatedly enumerate the internal members for multiple bindings to the exact same collection.

226 IM Used (HTTP Delta encoding)

The server has fulfilled a GET request for the resource, and the response is a representation of the result of one or more instance-manipulations applied to the current instance.

Also Read:  Cissp 150 Questions

Redirection Messages

HTTP status codes 300-399 refer to redirection. These HTTP response codes indicate that the request needed to be redirected for various reasons. The HTTP status codes 300-399 may require immediate action because there could be a pending or stuck request. 300: Multiple Choices make it difficult for the web browsers to decide where to go. Therefore, immediate action is required. 310: Resource moved permanently means that the route of your request will change from then on.

300 Multiple Choice

The requested resource corresponds with any one of a number of representations that each have its own location and information. This information is needed so that the user agent may choose the representation that interests them and redirect the request there.

301 Permanently Moved

This HTTP response code shows that the URL for the requested resource has been permanently changed. In the response, you will find the new URL.

302 Found

This code means that the URL for the requested resource has been temporarily changed. This code indicates that future URL changes may be made. Therefore, the same URL should be used for future requests. This is an example industry practice that contradicts the standard.

303 – Other

This status code indicates that the server has received the request and sent the response.

304 Not Added

This means that the client has made a conditional request. Access is permitted, but documents cannot be modified. The server should reply with the status code. Important to remember that the 304 response cannot contain the message body and must be terminated with the first empty line following the header fields.

305 Use Proxy

This code refers to an older version of the HTTP specification that indicates that the requested response must only be accessed via proxy. This code has been removed due to security concerns about proxy configuration and in.

306 unused

This code is no more used. This code used to indicate that sub-requests should use the specified proxy.

307 Temporary redirect

This status code means that the request should again be made with another URI. All future requests must still use the original URI. This is similar to the 302 Found HTTP Code, except that the user agent cannot change the HTTP method. A POST must be used for the second request if a POST was used during the first request.

308 Permanent redirect

This status code means that the resource isn’t permanently located at another URL. This information will be indicated by the Location: HTTP Response header. This code is similar to the 301 permanently response code. However, the user agent cannot change the HTTP method. A POST must be used for the second request if it was used in the initial request.

4, Client Error Responses

Now we will go to HTTP errors which may be alarming. HTTP response codes within the HTTP error 400s indicate that the client is unable to fulfill a request. The most common error 400 family of Hypertext Transfer Protocol, (HTTP), Status Code is 404. This means that the client is not available and the request cannot be fulfilled.

400 Unsolicited

This code is common and indicates that the server cannot understand the request because of invalid syntax.

401 Unauthorized

While the HTTP standard says “unauthorized”, this response can be understood semantically to mean “unauthenticated”. To get the requested response, the client must authenticate. Similar to 403 Forbidden but for when authentication is required, has failed or not yet been provided.

402 Payment Required

This response code will be used in the future. It was originally intended to be used for digital payment systems. However, it is very rarely used and there is not a standard.

403 Forbidden

This is the status code for the service refusing to provide resources. The server knows the identity of the client, unlike a 401 error.

404 Not Found

This code indicates that the server cannot find the requested resource. This status code is displayed in your internet browser and means that the URL has not been recognized. This can also be used to indicate that an API endpoint is valid, but not the resource. To hide the existence of a resource, servers may send the response rather than a 403 error. This is the most well-known response code that appears online.

405 Method not Allowed

This response code indicates that the request method has been disabled by the server and is not available for use. This is an example of how an API might prohibit the deletion of a resource.

406 Not Acceptable

This response code is sent to the web server when it doesn’t find content that meets the criteria specified by the user agent. Often, this results in server-driven content negotiation.

407 Proxy Authentication Required

Although the response code is similar to the 401 code in format, authentication must be done via proxy.

408 Request Timout

This response is typically sent from an idle server connection even if the client has not requested it previously. This basically means that the server wants to close the idle connection. The response is more commonly used these days because web browsers like Firefox and chrome use HTTP connection mechanisms to speed-up surfing. You should also be aware that some servers might not issue this notice and may close the connection.

409 Conflict

This is the response that he sent to the server in the event of a conflict between the current state and the request.

410 Gone

This error indicates that the requested resource is not available anymore and will not be made available again. This code should only be used if a resource has been deliberately removed. The resource should not be deleted. Clients should not request the same resource again after receiving a 410 status code. Search engines and clients such as search engines can remove the resource.

411 Length Required

This simply means that the request didn’t specify a link to the content. The requested resource requires this response.

412 Precondition Failed

Also Read:  Roofstock vs Fundrise

The 412 status code indicates that the server doesn’t meet any of the requirements that were specified in the request header fields.

413 Too High a Payload

If the request entity is greater than the limits set by the server, the server may close the connection or return a Retry-After header.

414 URI Too Exhaustive

The server cannot process the request because it is too large. Previously known as “Request Entity Too Large”.

415 Unsupported Media Type

Because the request’s entity is not supported by the requested resource, the server refuses to serve it.

416 Range not Satisfiable

The Range header field of the request cannot be fulfilled. It is possible that the range is larger than the data in the target URI.

417 Expectation Failed

The Expect request-header field is not applicable to this server.

418 I’m a Teapot

The server rejects the request to brew tea with a teapot. This code was originally created in 1998 by IETF April Fools’ jokes.

421 Missdirected Request

This request was sent to a server that could not produce a reply. This request can be sent to a server that does not have the ability to respond to the combination of authority and scheme that was included in the request URI.

422 Unprocessable Entity WebDAV

Although the request was well-written, it was not able to be followed because of semantic errors. This error condition can occur if the XML request body contains well formed (i.e. syntactically correct) but unclear XML instructions.

423 locked (WebDAV).

The resource being accessed has been locked.

424 Failed Dependantency (WebDAV).

Because the request was dependent on another request, it failed.

425 Too Soon

This indicates that the server is not willing to process a request that could be replayed.

426 Upgrade Required

Although the server declines to process the request using the current protocol, it might allow the client to upgrade to another protocol. To indicate which protocol is required, the server sends a 426 Response with an Upgrade header.

428 Precondition

The request must be conditional to the origin server. This is to avoid the “lost update” problem. Clients can request a resource’s status, modify it and then PUT it back to the server. However, a third party may have modified the server’s state. This could lead to conflict.

429 Too many requests

The status code 429 indicates that the user has submitted too many requests within a certain time period (“rate limiting”) The response representations should include detailed explanations of the condition and may include a Retry After header that indicates how long it takes to make a new request. If a server is under attack, or receives a large number of requests from one party, each request will be responded to with a 429 status code. This will consume resources.

431 Too Many Request Header Fields

The status code 431 indicates that the server cannot process the request due to the header fields being too large. After reducing the request header field size, the request may be resubmitted. You can use it when all of the request header fields are too large or when only one header field is responsible. In this case, the response representation must specify which header field was at fault.

451 Unavailable due to Legal Reasons

The user-agent asked for a resource that could not legally be provided. For example, a web page that was censored or blocked by a government. This also refers to Fahrenheit 451, a 1953 novel, where books are banned and 451degF the auto ignition temperature for paper.

5, Server Error Responses

Finally, the 500–599 HTTP status codes inform the log about problems with the server. Although servers are supposed to cooperate with each other, these Hypertext Transfer Protocol Response Codes indicate that there may be a problem with how they worked together. 502: Bad Gateway simply means that one server received an inexplicable response from another. However, the gravity of this situation could vary. However, HTTP response codes within the 500 group might need to be addressed.

500 Internal Server Error

The HTTP status code is a generic error message indicating that a condition has been encountered unexpectedly. No further details are available. This error can be caused by a server misconfiguration, which is one of the most common causes.

501 Not Implemented

Either the server does not recognize the request or the server is unable to fulfill the request. This usually means that the server is not able to fulfill your request.

502 Bad Gateway

The server was acting as a proxy or gateway and received an incontinent response from the upstream server.

503 Unavailable

This error code indicates that the server was acting as a proxy or gateway and received an incompatible response from the upstream server.

504 Gateway Timeout

The server was acting as a proxy or gateway and did not receive a response from the upstream server.

505 HTTP Version Not Supported

This status code means that the server doesn’t support the HTTP protocol version requested.

506 Variant also Negotiates

This is a server error that means the negotiation for the server request results in circular refers.

507 Insufficient storage (WebDAV).

The server cannot store the information required to complete the request.

508 Loop Detected (WebDAV)

A server stopped processing an operation due to an infinite loop that it encountered while processing a request with the “Depth” infinity parameter. This indicates that the entire operation was unsuccessful.

510 Not Extended

Requests have not been made in accordance with the policy to access the resource. The server must send all information required for the client’s extended request.

511 Network Authentication Required

To gain network access, the client must authenticate. This is intended to be used to intercept proxies that are used to control network access (e.g. “captive portals”, which require agreement to Terms of Service before granting Internet access via a WiFi hotspot).

Other Important HTTP Status Codes

HTTP 502: Bad Getaway. HTTP 404: File not found. These words may sound familiar. These are the most frequent HTTP response codes we may encounter every day. These aren’t the only HTTP status codes. There are many other HTTP status codes, ranging from 100 to 599. Each one contains specific information for anyone who needs it: programmers, log administrators, website visitors, and programmers. These codes are part a specific language that will assist those who run the World Wide Web in making it an efficient machine that connects everyone online.

Also Read:  How to Transport Large Files?

Why should you learn everything about HTTP response codes? You may not be familiar with these HTTP error codes. For others, simple HTTP 502 and HTTP 404 errors are confusing. BelugaCDN recognizes the importance of tech-savvy. This is not just for the individual but also for the professional sense. This knowledge is also advantageous when you use technology to support your business. You can understand server logs better and get more customized technology solutions than the general ones everyone uses. Let’s begin our journey by learning other important HTTP status codes.

Unofficial Codes

103 Checkpoint

This is used to return headers of response before the final HTTP message.

218 This is fine. (Apache Web Server

This is used to catch all errors that prevent response bodies from flowing through Apache when ProxyErrorOverride has been enabled.

419 Page Exited (Laravel Framework

When a CSRF Token has expired or is missing, it can be used by the Laravel Framework.

420 Method Failed (Spring Framework).

The Spring Framework uses a deprecated response when a method fails.

420 Improve Your Calm (Twitter).

Twitter has an informal extension to the 420 Enhance your Calm status code. Twitter used this code to inform HTTP clients they were being rate restricted. Rate limiting is a restriction on how many requests a client can make within a given time frame.

430 Request Header Felds Too Big (Shopify).

This status code means that the server cannot process the request due to the header fields being too large. After reducing the request header field size, the request may be resubmitted. … Responses with the status code 430 must not be saved in a cache

450 Block by Windows Parental Controls. (Microsoft).

This extension code from Microsoft indicates that Windows Parental Controls have been turned on and are blocking access at the requested website.

498 Invalid Token (Esri)

ArcGIS Server has returned the code. Code 498 is a code that indicates an invalid or expired token.

499 Token Requirement (Esri).

A non-standard status code that nginx introduced to handle the situation when a client closes the link while nginx processes the request.

509 Bandwidth Limit Exceeded by Apache Web Server/cPanel

The server exceeded the bandwidth set by the administrator. This is often used to limit bandwidth for customers by shared hosting providers.

526 Invalid Certificate SSL

This HTTP response code indicates when the client should switch protocols. It is found in the Upgrade header field.

529 Website is too loaded

Qualys uses this HTTP response code in its SSLLabs API server testing API to indicate that the site cannot process the request.

530 Website is frozen

This error means that the requested hostname could not be resolved by the Cloudflare network to an original server.

598 (Informal convention) Network read timeout error

Some HTTP proxy servers use this method to indicate a network timeout to clients in front of the proxy.

Internet Information Services

440 Login-Time-out

Client’s session is over. Please log in again.

449 Try With

Because the user has not provided all the information required, the server can’t honor the request.

451 Redirect

As a result of a legal request, the server denies access to the resource.

Nginx

444 No Response

This status indicates that nginx was instructed to close the connection and not send a reply to the client. This status is used often to deny malicious or malformed requests.

494 Request header to large

This status code is used to notify nginx that the client’s request is too large or the header line too long.

495 SSL Certificate Error

This extension of the 400 Bad Request Response Code is used for clients who have provided invalid client certificates.

496 SSL certificate required

A modification to the 400 Bad Request Response Code, which is used for client certificates that are not yet provided.

497 HTTP Request Sent To HTTPS Port

This extension of the 400 Bad Request response is used by clients who have made HTTP requests to ports listening for HTTPS requests.

499 Client Closed

A non-standard status code that nginx introduced to handle the situation when a client closes the link while nginx processes the request.

Cloudflare

520 Web Server returned an unknown error

The 520 error serves as a catch-all response to an unexpected return from the origin server. It lists connection resets, large headers and invalid responses as common triggers.

521 The Web Server is Down

This error means that Cloudflare refused to connect.

522 Connection Timed Out

This status code means that a TCP handshake cannot be negotiated with Cloudflare.

523 Origin is Unreachable

Cloudflare was unable to reach the origin server. This could be due to incorrect DNS records.

524 A Timeout Occurred

Cloudflare was successful in connecting to the origin server via TCP, but didn’t receive an HTTP response within the time frame.

525 SSL Handshake Failure

Cloudflare was unable to negotiate an SSL/TLS handshake between the origin server and Cloudflare.

526 Invalid Certificate SSL

Cloudflare’s gorouter uses this to indicate that the SSL/TLS certificate presented by the origin server was not valid.

527 Railgun Error

Error 527 means that the request failed or was delayed after the WAN connection was established.

530

Error 530 means that the requested hostname could not be resolved by the Cloudflare network to an Origin server.

AWS Elastic Load Balancing

460

This error could mean that the file link has been restricted or blocked, for example, because of a copyright claim. Contact support if you suspect a file was incorrectly flagged.

463

This error code refers a invalid media name.

Conclusion

There you go! This is a brief overview of HTTP codes and the meanings of these HTTP status codes. This is a great first step in understanding the server log. You’ll be able to identify which HTTP response codes need your attention.

Previous articleShopify 502 Bad Gateway
Next articleHow to Setup CDN for Website?
Evangeline Christina is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cyberspecial.net. Previously, he worked as a security news reporter in a reputed news agency.

LEAVE A REPLY

Please enter your comment!
Please enter your name here