Complete Guide and List of HTTP Status Codes
HTTP status codes are a communication tool between servers and browsers.
The status code is what allows both the server and the browser to know exactly what is going on when it comes to requests and responses. If you have ever noticed a “404 Error” on a website you’re trying to load, then you have seen an HTTP status code in action.
The 5 Tiers of HTTP Status Codes
There are 5 tiers of status codes, divided into a numerical system of 100s through 500s. Each tier has a general meaning, and the codes within that tier reveal more detailed, precise information about the request and response.
- 100s: Informational Codes
- 200s: Success Codes
- 300s: Redirect Codes
- 400s: User/Client Error Codes
- 500s: Server Error Codes
Complete List of HTTP Status Codes
This is a complete list of all HTTP status codes and what they mean. We have provided additional information about the codes that you are most likely to see, which are marked with an asterisk.
Code | Category | Description |
100s | ||
100 | Informational | Continue |
101 | Informational | Switching Protocols |
102 | Informational | Processing (WebDAV) |
200s | ||
200* | Success | OK |
201* | Success | Created |
202 | Success | Accepted |
203 | Success | Non-Authoritative Information |
204* | Success | No Content |
205 | Success | Reset Content |
206 | Success | Partial Content |
207 | Success | Multi-Status (WebDAV) |
208 | Success | Already Reported (WebDAV) |
300s | ||
300 | Redirect | Multiple Choices |
301* | Redirect | Moved Permanently |
302 | Redirect | Found |
303 | Redirect | See Other |
304* | Redirect | Not Modified |
305 | Redirect | Use Proxy |
306 | Redirect | (Unused) |
307 | Redirect | Temporary Redirect |
308 | Redirect | Permanent Redirect (experimental) |
400s | ||
400* | User/Client Error | Bad Request |
401* | User/Client Error | Unauthorized |
402 | User/Client Error | Payment Required |
403* | User/Client Error | Forbidden |
404* | User/Client Error | Not Found |
405 | User/Client Error | Method Not Allowed |
406 | User/Client Error | Not Acceptable |
407 | User/Client Error | Proxy Authentication Required |
408 | User/Client Error | Request Timeout |
409 | User/Client Error | Conflict |
410* | User/Client Error | Gone |
411 | User/Client Error | Length Required |
412 | User/Client Error | Precondition Failed |
413 | User/Client Error | Request Entity Too Large |
414 | User/Client Error | Request–URI Too Long |
415 | User/Client Error | Unsupported Media Type |
416 | User/Client Error | Requested Range not Satisfiable |
417 | User/Client Error | Expectation Failed |
418 | User/Client Error | I’m a Teapot (RFC 2234) |
420 | User/Client Error | Enhance Your Calm (Twitter) |
422 | User/Client Error | Unprocessable Entity (WebDAV) |
423 | User/Client Error | Locked (WebDAV) |
424 | User/Client Error | Failed Dependency (WebDAV) |
425 | User/Client Error | Reserved for WebDAV |
426 | User/Client Error | Upgrade Required |
428 | User/Client Error | Precondition Required |
429 | User/Client Error | Too Many Requests |
431 | User/Client Error | Request Header Fields Too Large |
444 | User/Client Error | Precondition Required |
449 | User/Client Error | Retry With (Microsoft) |
450 | User/Client Error | Blocked by Windows Parental Controls (Microsoft) |
451 | User/Client Error | Unavailable for Legal Reasons |
499 | User/Client Error | Client Closed Request (Nginx) |
500s | ||
500* | Server Error | Internal Server Error |
501 | Server Error | Not Implemented |
502 | Server Error | Bad Gateway |
503* | Server Error | Service Unavailable |
504 | Server Error | Gateway Turnout |
505 | Server Error | HTTP Version Not Supported |
506 | Server Error | Variant Also Negotiates (Experimental) |
507 | Server Error | Insufficient Storage (WebDAV) |
508 | Server Error | Loop Detected |
509 | Server Error | Bandwidth Limit Exceeded (Apache) |
510 | Server Error | Not Extended |
511 | Server Error | Network Authentication Required |
598 | Server Error | Network Read Timeout Error |
599 | Server Error | Network Connect Timeout Error |
Additional Information About the Most Common Codes
Some codes are much more common than others, because the circumstances that trigger these codes occur frequently.
Code 200: OK
The 200 range of HTTP server codes communicates that it successfully completed your request. Code 200 is the general code that the server uses when a request is successful, but there is no other information to communicate.
Code 201: Created
This is a more specific code than just communicating that the request was a success. It is used to respond to a specific creation request. For example, if the user is running a REST API to create a new user or item, the server will respond with 201 to convey that yes, it completed the creation task. Technically, a 200 code would work in this situation, too. But 201 is more precise and gives the user more information without additional work.
Code 204: No Content
This code communicates that the request was successful, but there is no information to return following the request. The reason why this code is important is because users often expect information in response to their request. This lets them know that it’s intentional that there is no missing information.
Code 301: Permanent Redirect
A general code in the 300s notifies the user that a website used to exist in one place, but someone moved it. The server is redirecting you to the new location.
Code 301 is used to redirect visitors (as well as bots) to a permanently changed URL. 301 is the most effective redirect code for permanent URL changes.
Code 304: Not Modified
HTTPS Status Code 304 is used to notify the user that there have been no changes to a specific API. Most clients perform constant monitoring for changes or errors. But when they call their API for information, all they really need to know is whether or not a change has occurred. They do not need huge amounts of information to confirm this.
Responding with a 304 is the server’s way of saying, “Nothing has changed since your last request.”
Code 400: Bad Request
Code 400 is a general service error from the client’s side of things. It means that the request was bad or flawed. If the server knows the exact reason for the failure, it will provide a more specific response. If, however, it can’t determine the reason, the server will use Code 400.
Code 401: Unauthorized
One kind of bad request is an unauthorized one. In this case, the server might require a log-in or an API key in order to respond. The user has failed to log in or to provide the correct API key. Code 401 is the server telling the user, “I don’t know who you are, therefore you can’t access this.”
Code 403: Forbidden
At first glance, “Unauthorized” and “Forbidden” may sound like are describing the same thing. The difference is that a 403 error is used when the API key or log-in is correct, but the user does not have the correct clearance or permissions to access the page.
Instead of the server saying, “I don’t know who you are,” the server is now saying, “I know who you are, but you don’t have permission to be here.” A common example is when a user without administrative privileges attempts to access a page which is for admins only. In this case, the server recognizes the user. But it denies their access to the page because they do not have the appropriate permissions.
Code 404: Not Found
This is likely the most well-known HTTP status code, as the average internet user encounters it regularly. This is the message that the server sends when you enter an incorrect URL. No page exists for that address.
Code 410: Gone
The difference between a 404 and a 410 is that 410 means that someone removed the page. The page is no longer available, and the administrator has left no forwarding address for redirection. If you click a link and see a 410 error, the web administrator likely deleted the page without updating the links.
Code 500: Internal Server Error
500-level codes are important because they ensure that the user knows that the error is not with them, but with the server itself. The generic 500 error informs the user that something is broken in the server or something in it, which is why they cannot access what they want to access.
Code 503: Service Unavailable
A 503 error means that the server is unavailable to everyone trying to access it at that time. Perhaps it is undergoing maintenance or there is a temporary server overload. Regardless of reason, no one can access it and it’s best to just try again later. If a server administrator does not know why the 503 error has occurred, this should be an indication to begin troubleshooting immediately.
Why Is It Useful to Know About HTTP Status Codes?
The average internet user can use their knowledge of HTTP status codes to understand why they are getting a specific result while they are online.
However, they are especially useful to website administrators and developers. Knowing the meaning of each code allows you to quickly identify problems and try out appropriate solutions. HTTP status codes make the diagnostic process faster and easier.
Related Articles
- All
- Easy Prey Podcast
- General Topics
- Home Computing
- IP Addresses
- Networking Basics: Learn How Networks Work
- Online Privacy
- Online Safety
Quantum Computing and Cybersecurity: Preparing for the Future
Today’s world moves at lightning speed compared to the previous generation. To stay ahead of the curve,…
[Read More]About Those Online Plagiarism Tools…Do They Actually Work?
If you have ever been a student or a teacher, you know how big of a deal…
[Read More]Using ChatGPT at Work: What to Do and What Not to Do
When ChatGPT exploded onto the scene in 2022, you could immediately see the ripples that went through…
[Read More]Why Romance Scam Prevention Matters: Key Statistics and Insights
October 3rd is World Romance Scam Prevention Day. Though the officially recognized day is new, the need…
[Read More]The Emotional Impact of Being Scammed is Massive for Victims
Pig butchering and other scams that result in financial loss are often dismissed as “just” a financial…
[Read More]The Lies and Deceit Behind a Pig-Butchering Scam
The criminals who perpetrate pig butchering scams are professionals in the truest sense. They have their goals...
[Read More]