Server response codes: full list

Server response groups

There are five categories of responses:

1. Informational – ranges from 100 to 105.
2. Success –  ranges from 200 to 226.
3. Redirection – from 300 to 307.
4. Client Error ranges from 400 to 499.
5. Server Error – from 500 to 526.

Let's take a closer look at the most common codes in each of these categories.

1xx: informational response group

1. Response code Response transcript HTTP version
2. 100 «Continue» Informs about acceptance of the request by the server and initialization of further processing. That is, the client is allowed to continue forwarding headers. HTTP/1.1
3. 101 «Switching Protocols» This server response code indicates that the TCP connection should be used for another protocol. The Update header field also necessarily specifies several suitable protocols. HTTP/1.1
4. 102 «Processing» Reports that the request has been successfully accepted, but also indicates that it will take much longer to process than usual. If you see such code – do not rush to break the connection to the server, wait until processing is completed. HTTP/1.1
5. 103 «Early Hints» This code provides an early return of meta-information – part of the headers. It is used in situations where full response headers cannot be generated quickly. HTTP/1.1

In response to the information codes do not need to send anything to the server, they are only needed to inform the receiving party about its status.

2xx: group of successf responses

1. Response code Response transcript HTTP version
2. 200 «OK» Informs about the successful completion of the request processing. If the client requested data, it can be viewed in the received header or in the response body. HTTP/1.0 and newer
3. 201 «Created» Reports a successful request to create a new resource. The address of the new resource is attached to the body of the response. HTTP/1.0 and newer
4. 202 «Accepted» Accepting a request for processing without final completion. The client may not have to wait for the message to be fully transmitted, as this process can take a long time. HTTP/1.0 and newer
5. 203 «Non-Authoritative Information» This server response code is similar to the 200 "OK" with the difference that the information is not taken from the source, and therefore its relevance is questionable. HTTP/1.0 and HTTP/1.1
6. 204 «No Content» Successful request processing, but the client receives only headers without content. The headers themselves can be used to update the metadata. HTTP/1.0 and newer
7. 205 «Reset Content» Only on HTTP/1.1
8. 206 «Partial Content» Signals that a GET request has been partially executed. In this response, the Content-Range header will contain one or more byte ranges of content. Only on HTTP/1.1
9. 207 «Multi-Status» Reports that the server simultaneously transmits the results of several independent operations. Appeared in WebDAV

3xx: redirection messages

This group of server responses informs you that you need to initiate another request to a specific URL in order to proceed with the operation. The appropriate URL can be read in the Location header.

1. Response code Response transcript HTTP version
2. 300 «Multiple Choice» The specified URL has several options for providing the resource by MIME type, language or other criteria. In the response body, the server sends a list of possible responses, from which the client must choose the most appropriate one. It is rarely used, since there is no unified method for choosing a single response. HTTP/1.0 and newer
3. 301 «Moved Permanently» The requested document is finally moved to the new URL. The address itself is specified in the Location field. HTTP/1.0 and newer
4. 302 «Found» Reports the temporary availability of the requested document at the specified URL, which can also be read in the Location field. HTTP/1.0 and newer
5. 303 «See Other» This server response code is intended to redirect the client to another URL. It is sent if the requested document is temporarily available at a different URL. HTTP/1.1 and newer
6. 304 «Not Modified» The server sends this code when the client makes a GET request using the If-Modified-Since or If-None-Match header. The server message must not contain a body. To view the document of interest, send the request to another URL specified in the Location header. HTTP/1.0 and newer
7. 305 «Use Proxy» The request to the resource of interest must be made through a proxy-server, the address of which can be found in the Location header line of the server response. HTTP/1.1 and newer
8. 306 «Switch Proxy» The request to the resource must be made through the proxy specified by the server in the response header. At the moment the code is not used. HTTP/1.1 only
9. 307 «Temporary Redirect» Reports that the requested resource has been temporarily moved to the URL specified in the Location header. Introduced in RFC 2616 with the HTTP/1.1 update

308 «Permanent Redirect» Reports that the requested resource has been permanently, i.e. permanently, moved to the URL specified in the Location header. Introduced in RFC 7238

4xx: a client error response group

Codes in this group report errors on the client side. As a rule, the message body contains a hypertext explanation for the user. Let's look at the main ones.

1. Response code Response transcript HTTP version
2. 400 «Bad Request» A syntax error was detected in the client's request. HTTP/1.0 and higher
3. 401 «Unauthorized» To access the resource, you must be authenticated. HTTP/0.9 and higher
4. 402 «Payment Required» You can get this response from a server with a paid user service. HTTP/0.9 and 1.1
5. 403 «Forbidden» The request cannot be fulfilled due to restrictions set by the access level. Simply put, the client request cannot be executed due to restrictions set by the administrator or software developer. HTTP/1.0 and higher
6. 404 «Not Found» The legendary and well-known to every average person error that occurs if the requested URL does not contain any resource. HTTP/1.0 and higher
7. 405 «Method Not Allowed» The client method cannot be applied to a given resource because of manual deactivation. Such server response code can be returned to the client in response to attempts to access resources via GET or HEAD methods. HTTP/1.1 and higher
8. 406 «Not Acceptable» The requested URL does not match the characteristics passed in the header. You can read the list of valid characteristics in the server response. HTTP/1.1 and higher
9. 407 «Proxy Authentication Required» To access the resource, you must authenticate for the proxy server. HTTP/1.1 and higher
10. 408 «Request Timeout» Issued when the server is waiting for a response from the client to expire. Often encountered on sites with two-factor authentication, on payment systems and other resources where the response from the client to any request must follow within a limited time. HTTP/1.1 and higher
11. 409 «Conflict» Reports that the request cannot be executed because of a conflicting request. For example, if the client tries to modify the resource in any way using the PUT command. HTTP/1.1 and higher
12. 410 «Gone» Sent when a resource that was previously at the specified URL has been moved to another address. The server does not know the new address. HTTP/1.1 and higher
13. 411 «Length Required» The client should specify Content-Length in the request header and then contact the server again. HTTP/1.1 and higher
14. 412 «Precondition Failed» The client has specified conditions in its headers that the server cannot fulfill. HTTP/1.1 and higher
15. 413 «Payload Too Large» Reports that the allowed request body size has been exceeded. HTTP/1.1 and higher
16. 414 «URI Too Long» The client has specified too long a URL. If you use the GET method to send parameters, you should try POST. HTTP/1.1 and higher
17. 415 «Unsupported Media Type» The server refuses to process data of this type within the method applied. You can try another method. HTTP/1.1 and higher
18. 416 «Range Not Satisfiable» The range specified in the Range header cannot be executed. When transmitting byte ranges, the server will respond with the actual size in the Content-Range field of the header, which can be used when transmitting multipart/byteranges types. HTTP/1.1 and higher
19. 417 «Expectation Failed» The data from the Expect field does not meet the requirements of the server, so the request cannot be executed. HTTP/1.1 and higher
20. 418 «I’m a teapot» A joke code originating in 1998. Not supported by modern servers.
21. 419 «Authentication Timeout» Used as an alternative to 401, when authentication is passed, but the client has no access to certain resources on the server. HTTP/1.1 and higher
22. 421 «Misdirected Request» The server reports a failed attempt to redirect the request to another server, which is unable to respond.
23. 422 «Unprocessable Entity» Informs about the successful acceptance of the request and recognition of the specified types of data. At the same time, due to a certain logical error, it cannot perform the operation. Introduced in WebDAV
24. 423 «Locked» The requested resource cannot be accessed because the method used does not apply to it. Introduced in WebDAV
25. 424 «Failed Dependency» Reports that the request cannot be executed because the previous operation on which the request depended has not yet been completed. Introduced in WebDAV
26. 425 «Too Early» The server refuses to take the risk of processing the "early information". Introduced in RFC 8470 to provide protection against replay attacks when using 0-RTT in TLS 1.3
27. 426 «Upgrade Required» The client needs to upgrade the protocol. The details are contained in the Upgrade and Connection fields. Introduced in RFC 2817 to allow migration to TLS over HTTP
28. 428 «Precondition Required» Tells you to use condition headers like If-Match in your query Introduced in RFC 6585
29. 429 «Too Many Requests» Client tries to send too many requests in a short period of time. The error code is intended to protect against DDoS. In the message body, you can also see the time after which you can send a second request. Introduced in RFC 6585
30. 431 «Request Header Fields Too Large» Reports that the allowed header length is exceeded. Introduced in RFC 6585
31. 434 «Requested host unavailable» Indicates that the requested address is unavailable.
32. 449 «Retry With» The server needs more information to fulfill the request.
33. 451 «Unavailable For Legal Reasons» The target resource is inaccessible because of legal procedures. You may encounter when the site is blocked by a court order or by law enforcement.

5xx: group of server error responses

This group of server responses reports cases of unhandled exceptions found when attempting to perform a server-side operation.

1. Response code Response transcript HTTP version
2. 500 «Internal Server Error» Reports an internal error on the server side that is beyond the scope of the other errors in this group. HTTP/1.0 and higher
3. 501 «Not Implemented» The server cannot process the request because it does not understand the specified method. If the server understands the method, but refuses to execute the request because of internal restrictions, the code "405" is issued. HTTP/1.0 and higher
4. 502 «Bad Gateway» This is issued if the request is sent to a proxy or gateway server. As a rule, an "intermediate" server will try to redirect the request to a higher server – and if it receives an invalid response, the client receives a 502 error. HTTP/1.0 and higher
5. 503 «Service Unavailable» The server is temporarily unable to process requests due to maintenance or reboot. HTTP/1.0 and higher
6. 504 «Gateway Timeout» Acting as a gateway or proxy server, the server has not received a response from the upstream server for some period of time. HTTP/1.1 and higher
7. 505 «HTTP Version Not Supported» The server does not support the specified version of the HTTP protocol. HTTP/1.1 and higher
8. 507 «Insufficient Storage» Informs that there is not enough storage space on the server to complete the operation. Introduced in WebDAV
9. 508 «Loop Detected» The operation was aborted because an infinite loop was detected while processing a query with no depth limit. Introduced in WebDAV
10. 509 «Bandwidth Limit Exceeded» Issued if the website has exceeded the traffic limits set for it. In this case, you should contact the hosting provider directly.
11. 510 «Not Extended» The server is missing an extension that the client is trying to use in its request. As a rule, the server response contains data about available extensions on the server side.
12. 511 «Network Authentication Required» Informs you that authorization is required before the specified request can be executed. Introduced by RFC 6585
13. 520 «Unknown Error» CDN server cannot handle server error.
14. 521 «Web Server Is Down» The web server rejects the CDN connection.
15. 522 «Connection Timed Out» CDN fails to connect to the web server.
16. 525 «SSL Handshake Failed» SSL handshake error between the web server and CDN server.
17. 526 «Invalid SSL Certificate» Failed to validate SSL encryption certificate.