Skip to content

Complete Guide and List of HTTP Status Codes

A photo displaying a browser address bar

HTTP status codes are a communication tool between servers and browsers. 

The status code is what allows both the server and the browser to know exactly what is going on when it comes to requests and responses. If you have ever noticed a “404 Error” on a website you’re trying to load, then you have seen an HTTP status code in action.

The 5 Tiers of HTTP Status Codes

There are 5 tiers of status codes, divided into a numerical system of 100s through 500s. Each tier has a general meaning, and the codes within that tier reveal more detailed, precise information about the request and response. 

  • 100s: Informational Codes
  • 200s: Success Codes
  • 300s: Redirect Codes
  • 400s: User/Client Error Codes
  • 500s: Server Error Codes

Complete List of HTTP Status Codes

This is a complete list of all HTTP status codes and what they mean. We have provided additional information about the codes that you are most likely to see, which are marked with an asterisk.

CodeCategoryDescription
100s
100InformationalContinue
101InformationalSwitching Protocols
102InformationalProcessing (WebDAV)
200s
200*SuccessOK
201*SuccessCreated
202SuccessAccepted
203SuccessNon-Authoritative Information
204*SuccessNo Content
205SuccessReset Content
206SuccessPartial Content
207SuccessMulti-Status (WebDAV)
208SuccessAlready Reported (WebDAV)
300s
300RedirectMultiple Choices
301*RedirectMoved Permanently
302RedirectFound
303RedirectSee Other
304*RedirectNot Modified
305RedirectUse Proxy
306Redirect(Unused)
307RedirectTemporary Redirect
308RedirectPermanent Redirect (experimental)
400s
400*User/Client ErrorBad Request
401*User/Client ErrorUnauthorized
402User/Client ErrorPayment Required
403*User/Client ErrorForbidden
404*User/Client ErrorNot Found
405User/Client ErrorMethod Not Allowed
406User/Client ErrorNot Acceptable
407User/Client ErrorProxy Authentication Required
408User/Client ErrorRequest Timeout
409User/Client ErrorConflict
410*User/Client ErrorGone
411User/Client ErrorLength Required
412User/Client ErrorPrecondition Failed
413User/Client ErrorRequest Entity Too Large
414User/Client ErrorRequest–URI Too Long
415User/Client ErrorUnsupported Media Type
416User/Client ErrorRequested Range not Satisfiable
417User/Client ErrorExpectation Failed
418User/Client ErrorI’m a Teapot (RFC 2234)
420User/Client ErrorEnhance Your Calm (Twitter)
422User/Client ErrorUnprocessable Entity (WebDAV)
423User/Client ErrorLocked (WebDAV)
424User/Client ErrorFailed Dependency (WebDAV)
425User/Client ErrorReserved for WebDAV
426User/Client ErrorUpgrade Required
428User/Client ErrorPrecondition Required
429User/Client ErrorToo Many Requests
431User/Client ErrorRequest Header Fields Too Large
444User/Client ErrorPrecondition Required
449User/Client ErrorRetry With (Microsoft)
450User/Client ErrorBlocked by Windows Parental Controls (Microsoft)
451User/Client ErrorUnavailable for Legal Reasons
499User/Client ErrorClient Closed Request (Nginx)
500s
500*Server ErrorInternal Server Error
501Server ErrorNot Implemented
502Server ErrorBad Gateway
503*Server ErrorService Unavailable
504Server ErrorGateway Turnout
505Server ErrorHTTP Version Not Supported
506Server ErrorVariant Also Negotiates (Experimental)
507Server ErrorInsufficient Storage (WebDAV)
508Server ErrorLoop Detected
509Server ErrorBandwidth Limit Exceeded (Apache)
510Server ErrorNot Extended
511Server ErrorNetwork Authentication Required
598Server ErrorNetwork Read Timeout Error
599Server ErrorNetwork Connect Timeout Error
A laptop displaying the http error code 405 Method Not Allowed

Additional Information About the Most Common Codes

Some codes are much more common than others, because the circumstances that trigger these codes occur frequently.

Code 200: OK

The 200 range of HTTP server codes communicates that it successfully completed your request. Code 200 is the general code that the server uses when a request is successful, but there is no other information to communicate. 

Code 201: Created

This is a more specific code than just communicating that the request was a success. It is used to respond to a specific creation request. For example, if the user is running a REST API to create a new user or item, the server will respond with 201 to convey that yes, it completed the creation task. Technically, a 200 code would work in this situation, too. But 201 is more precise and gives the user more information without additional work. 

Code 204: No Content

This code communicates that the request was successful, but there is no information to return following the request. The reason why this code is important is because users often expect information in response to their request. This lets them know that it’s intentional that there is no missing information. 

Code 301: Permanent Redirect

A general code in the 300s notifies the user that a website used to exist in one place, but someone moved it. The server is redirecting you to the new location.

Code 301 is used to redirect visitors (as well as bots) to a permanently changed URL. 301 is the most effective redirect code for permanent URL changes. 

Code 304: Not Modified

HTTPS Status Code 304 is used to notify the user that there have been no changes to a specific API. Most clients perform constant monitoring for changes or errors. But when they call their API for information, all they really need to know is whether or not a change has occurred. They do not need huge amounts of information to confirm this. 

Responding with a 304 is the server’s way of saying, “Nothing has changed since your last request.” 

Code 400: Bad Request

Code 400 is a general service error from the client’s side of things. It means that the request was bad or flawed. If the server knows the exact reason for the failure, it will provide a more specific response. If, however, it can’t determine the reason, the server will use Code 400. 

Code 401: Unauthorized

One kind of bad request is an unauthorized one. In this case, the server might require a log-in or an API key in order to respond. The user has failed to log in or to provide the correct API key. Code 401 is the server telling the user, “I don’t know who you are, therefore you can’t access this.”

Code 403: Forbidden

At first glance, “Unauthorized” and “Forbidden” may sound like are describing the same thing. The difference is that a 403 error is used when the API key or log-in is correct, but the user does not have the correct clearance or permissions to access the page. 

Instead of the server saying, “I don’t know who you are,” the server is now saying, “I know who you are, but you don’t have permission to be here.” A common example is when a user without administrative privileges attempts to access a page which is for admins only. In this case, the server recognizes the user. But it denies their access to the page because they do not have the appropriate permissions. 

Code 404: Not Found

This is likely the most well-known HTTP status code, as the average internet user encounters it regularly. This is the message that the server sends when you enter an incorrect URL. No page exists for that address. 

Code 410: Gone

The difference between a 404 and a 410 is that 410 means that someone removed the page. The page is no longer available, and the administrator has left no forwarding address for redirection. If you click a link and see a 410 error, the web administrator likely deleted the page without updating the links. 

Code 500: Internal Server Error

500-level codes are important because they ensure that the user knows that the error is not with them, but with the server itself. The generic 500 error informs the user that something is broken in the server or something in it, which is why they cannot access what they want to access. 

Code 503: Service Unavailable

A 503 error means that the server is unavailable to everyone trying to access it at that time. Perhaps it is undergoing maintenance or there is a temporary server overload. Regardless of reason, no one can access it and it’s best to just try again later. If a server administrator does not know why the 503 error has occurred, this should be an indication to begin troubleshooting immediately. 

Why Is It Useful to Know About HTTP Status Codes?

The average internet user can use their knowledge of HTTP status codes to understand why they are getting a specific result while they are online. 

However, they are especially useful to website administrators and developers. Knowing the meaning of each code allows you to quickly identify problems and try out appropriate solutions. HTTP status codes make the diagnostic process faster and easier.

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking Basics: Learn How Networks Work
  • Online Privacy
  • Online Safety
  • Uncategorized
Jill Knesek talks about CISO challenges and solutions.

CISO Challenges in a Changing Security Landscape

The role of a Chief Information Security Officer (CISO) is constantly changing. The shifts in technology and…

[Read More]
Michael Lyborg talks about the promises and risks of business automation.

Business Automation is Great – But Some Things Should Be Left to Humans

As we see an increase in cyberattacks, it’s more important than ever for companies to be able…

[Read More]
How to Spot Fake Emails.

How to Spot Fake Emails and Avoid Danger

The good news is that you don’t have to become a cybersecurity pro to protect yourself from...

[Read More]
Introducing the Brick

The Brick Turns Off Distracting Apps, Makes Your Life Less Distracted

Here are some details. Brick is a combined software and hardware app that helps temporarily “remove” distracting...

[Read More]
Howard Goodman talks about cybersecurity and business.

Education and Communication are Key to Business Cybersecurity

The landscape of both technology and cyber threats is constantly changing. That means that cybersecurity and business…

[Read More]
Money Lender “Dave”

Money Lender “Dave” is In Hot Water with the FTC and DOJ. Scam or False Advertising?

Money-lender Dave does the one thing that all scammers do: It lied to its target through its...

[Read More]