Skip to content

Complete Guide and List of HTTP Status Codes

A photo displaying a browser address bar

HTTP status codes are a communication tool between servers and browsers. 

The status code is what allows both the server and the browser to know exactly what is going on when it comes to requests and responses. If you have ever noticed a “404 Error” on a website you’re trying to load, then you have seen an HTTP status code in action.

The 5 Tiers of HTTP Status Codes

There are 5 tiers of status codes, divided into a numerical system of 100s through 500s. Each tier has a general meaning, and the codes within that tier reveal more detailed, precise information about the request and response. 

  • 100s: Informational Codes
  • 200s: Success Codes
  • 300s: Redirect Codes
  • 400s: User/Client Error Codes
  • 500s: Server Error Codes

Complete List of HTTP Status Codes

This is a complete list of all HTTP status codes and what they mean. We have provided additional information about the codes that you are most likely to see, which are marked with an asterisk.

CodeCategoryDescription
100s
100InformationalContinue
101InformationalSwitching Protocols
102InformationalProcessing (WebDAV)
200s
200*SuccessOK
201*SuccessCreated
202SuccessAccepted
203SuccessNon-Authoritative Information
204*SuccessNo Content
205SuccessReset Content
206SuccessPartial Content
207SuccessMulti-Status (WebDAV)
208SuccessAlready Reported (WebDAV)
300s
300RedirectMultiple Choices
301*RedirectMoved Permanently
302RedirectFound
303RedirectSee Other
304*RedirectNot Modified
305RedirectUse Proxy
306Redirect(Unused)
307RedirectTemporary Redirect
308RedirectPermanent Redirect (experimental)
400s
400*User/Client ErrorBad Request
401*User/Client ErrorUnauthorized
402User/Client ErrorPayment Required
403*User/Client ErrorForbidden
404*User/Client ErrorNot Found
405User/Client ErrorMethod Not Allowed
406User/Client ErrorNot Acceptable
407User/Client ErrorProxy Authentication Required
408User/Client ErrorRequest Timeout
409User/Client ErrorConflict
410*User/Client ErrorGone
411User/Client ErrorLength Required
412User/Client ErrorPrecondition Failed
413User/Client ErrorRequest Entity Too Large
414User/Client ErrorRequest–URI Too Long
415User/Client ErrorUnsupported Media Type
416User/Client ErrorRequested Range not Satisfiable
417User/Client ErrorExpectation Failed
418User/Client ErrorI’m a Teapot (RFC 2234)
420User/Client ErrorEnhance Your Calm (Twitter)
422User/Client ErrorUnprocessable Entity (WebDAV)
423User/Client ErrorLocked (WebDAV)
424User/Client ErrorFailed Dependency (WebDAV)
425User/Client ErrorReserved for WebDAV
426User/Client ErrorUpgrade Required
428User/Client ErrorPrecondition Required
429User/Client ErrorToo Many Requests
431User/Client ErrorRequest Header Fields Too Large
444User/Client ErrorPrecondition Required
449User/Client ErrorRetry With (Microsoft)
450User/Client ErrorBlocked by Windows Parental Controls (Microsoft)
451User/Client ErrorUnavailable for Legal Reasons
499User/Client ErrorClient Closed Request (Nginx)
500s
500*Server ErrorInternal Server Error
501Server ErrorNot Implemented
502Server ErrorBad Gateway
503*Server ErrorService Unavailable
504Server ErrorGateway Turnout
505Server ErrorHTTP Version Not Supported
506Server ErrorVariant Also Negotiates (Experimental)
507Server ErrorInsufficient Storage (WebDAV)
508Server ErrorLoop Detected
509Server ErrorBandwidth Limit Exceeded (Apache)
510Server ErrorNot Extended
511Server ErrorNetwork Authentication Required
598Server ErrorNetwork Read Timeout Error
599Server ErrorNetwork Connect Timeout Error
A laptop displaying the http error code 405 Method Not Allowed

Additional Information About the Most Common Codes

Some codes are much more common than others, because the circumstances that trigger these codes occur frequently.

Code 200: OK

The 200 range of HTTP server codes communicates that it successfully completed your request. Code 200 is the general code that the server uses when a request is successful, but there is no other information to communicate. 

Code 201: Created

This is a more specific code than just communicating that the request was a success. It is used to respond to a specific creation request. For example, if the user is running a REST API to create a new user or item, the server will respond with 201 to convey that yes, it completed the creation task. Technically, a 200 code would work in this situation, too. But 201 is more precise and gives the user more information without additional work. 

Code 204: No Content

This code communicates that the request was successful, but there is no information to return following the request. The reason why this code is important is because users often expect information in response to their request. This lets them know that it’s intentional that there is no missing information. 

Code 301: Permanent Redirect

A general code in the 300s notifies the user that a website used to exist in one place, but someone moved it. The server is redirecting you to the new location.

Code 301 is used to redirect visitors (as well as bots) to a permanently changed URL. 301 is the most effective redirect code for permanent URL changes. 

Code 304: Not Modified

HTTPS Status Code 304 is used to notify the user that there have been no changes to a specific API. Most clients perform constant monitoring for changes or errors. But when they call their API for information, all they really need to know is whether or not a change has occurred. They do not need huge amounts of information to confirm this. 

Responding with a 304 is the server’s way of saying, “Nothing has changed since your last request.” 

Code 400: Bad Request

Code 400 is a general service error from the client’s side of things. It means that the request was bad or flawed. If the server knows the exact reason for the failure, it will provide a more specific response. If, however, it can’t determine the reason, the server will use Code 400. 

Code 401: Unauthorized

One kind of bad request is an unauthorized one. In this case, the server might require a log-in or an API key in order to respond. The user has failed to log in or to provide the correct API key. Code 401 is the server telling the user, “I don’t know who you are, therefore you can’t access this.”

Code 403: Forbidden

At first glance, “Unauthorized” and “Forbidden” may sound like are describing the same thing. The difference is that a 403 error is used when the API key or log-in is correct, but the user does not have the correct clearance or permissions to access the page. 

Instead of the server saying, “I don’t know who you are,” the server is now saying, “I know who you are, but you don’t have permission to be here.” A common example is when a user without administrative privileges attempts to access a page which is for admins only. In this case, the server recognizes the user. But it denies their access to the page because they do not have the appropriate permissions. 

Code 404: Not Found

This is likely the most well-known HTTP status code, as the average internet user encounters it regularly. This is the message that the server sends when you enter an incorrect URL. No page exists for that address. 

Code 410: Gone

The difference between a 404 and a 410 is that 410 means that someone removed the page. The page is no longer available, and the administrator has left no forwarding address for redirection. If you click a link and see a 410 error, the web administrator likely deleted the page without updating the links. 

Code 500: Internal Server Error

500-level codes are important because they ensure that the user knows that the error is not with them, but with the server itself. The generic 500 error informs the user that something is broken in the server or something in it, which is why they cannot access what they want to access. 

Code 503: Service Unavailable

A 503 error means that the server is unavailable to everyone trying to access it at that time. Perhaps it is undergoing maintenance or there is a temporary server overload. Regardless of reason, no one can access it and it’s best to just try again later. If a server administrator does not know why the 503 error has occurred, this should be an indication to begin troubleshooting immediately. 

Why Is It Useful to Know About HTTP Status Codes?

The average internet user can use their knowledge of HTTP status codes to understand why they are getting a specific result while they are online. 

However, they are especially useful to website administrators and developers. Knowing the meaning of each code allows you to quickly identify problems and try out appropriate solutions. HTTP status codes make the diagnostic process faster and easier.

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking Basics: Learn How Networks Work
  • Online Privacy
  • Online Safety
  • Uncategorized
Reverse Image Search: Guide and Tools

Reverse Image Search: Guide and Tools

Have you ever seen an image somewhere and wondered, Where have I seen that before? Or maybe…

[Read More]
How to Fix a Wet Smartphone

How to Fix a Wet Smartphone: Important Steps to Take

Although unheard of 25 years ago, we now collectively depend on our smartphones. Americans use smartphones to…

[Read More]
Can you unsend an iMessage?

How to Unsend an iMessage: A Quick Guide

We’ve all experienced that Homer Simpson DOH! feeling after hitting send on a message we did not…

[Read More]
Mark Kreitzman talks about SIM swapping, mobile security, and how most mobile carrieres are putting you at risk.

Mobile Security Factors to Protect Your Phone from Criminals

Your phone is not as secure as you think. There are lots of ways for hackers, criminals,…

[Read More]
Cars today have many microprocessors and sensors. They gather a lot of data to power advanced features, boost safety, and make driving smarter.

What Does Your Car Know About You?

Cars are smarter than ever before. Cars have had computers since 1968, but today, there are thousands…

[Read More]
How to Protect Your iPhone

How to Secure Your iPhone Against iMessage Vulnerabilities

Have you heard about the Operation Triangulation attacks that targeted iPhones from 2019-2023? According to Kaspersky, a somewhat…

[Read More]