Comprehensive Guide to HTTP Status Codes

In the vast world of the internet, when you enter a URL in the browser’s address bar and press Enter, a grand “drama” of data exchange quietly unfolds. The Hypertext Transfer Protocol (HTTP) serves as a bridge for communication between the client (such as a browser) and the server, enabling web browsing, data exchange, and other functionalities.

Comprehensive Guide to HTTP Status Codes

Basic Concepts of HTTP Status Codes

HTTP status codes are three-digit codes that represent the server’s response, defined by the HTTP/1.0 protocol. These three digits should not be underestimated; the first digit defines the category of the response, while the following two digits provide further details. Through status codes, the client can quickly determine whether the request was successful or where the issue occurred.

Common HTTP Status Code Classifications

1xx (Informational): The server has received the request and the requester needs to continue the operation

These status codes occur relatively infrequently in practical applications. A typical example is 100 Continue, which occurs when the client sends a large request to the server (such as uploading a large file or submitting a long form) and first sends an initial request containing part of the request headers. If the server returns 100 Continue, it indicates that the client can continue sending the rest of the request. For instance, if you want to upload a 500MB file to the server, you cannot send it all at once; you first send a preliminary request header asking the server, “Can I send the file? Are you ready to receive it?” If the server responds with 100 Continue, it means, “Go ahead, I am ready to receive your large file.”

2xx (Success): The request has been successfully processed

  • 200 OK: This is the most common success status code, indicating that the request sent from the client has been processed normally. When you access a webpage in your browser and see the page load correctly, it is highly likely that the server returned a 200 OK status code. Whether retrieving webpage content, querying database data, or other operations, as long as everything goes smoothly, this status code may be received.
  • 204 No Content: Indicates that the client’s request was successfully processed, but the response message does not contain the body of the entity. For example, for some interfaces that perform delete operations, after successfully deleting data, there is no need to return specific data content to the client, so it may return 204. It’s like asking the server to delete an unnecessary file, and after the server deletes it, it tells you, “Done, but there’s nothing for you to see.”
  • 206 Partial Content: The client made a range request (for example, requesting a specific segment of a large video file), and the server successfully executed this part of the request, with the response message containing the entity part within the specified range. For instance, when watching an online video, if you drag the progress bar from the 10th minute to the 15th minute, the server will return the corresponding data for that 5-minute segment based on your range request, and the status code will be 206.

3xx (Redirection): To complete the request, further action is required, usually requiring the client to make additional access

  • 301 Moved Permanently (Permanent Redirect): Indicates that the requested resource has been permanently moved to a new location, which may involve a change of domain or resource path. For example, if a website changes its domain from “olddomain.com” to “newdomain.com“, to ensure that users who have bookmarked the old domain can still access it, a 301 redirect can be set up. Search engines will also replace the old URL with the redirected URL while crawling the new content. From an SEO (Search Engine Optimization) perspective, it helps to pass the weight of the old domain to the new domain.
  • 302 Found (Temporary Redirect): Indicates that the requested resource has been temporarily moved to a new location, generally for a transfer lasting 24 to 48 hours. However, using 302 is not recommended due to security risks, such as potential URL hijacking. When redirecting from URL A to URL B using 302, since it is temporary, search engines may still display URL A, but the actual content is from URL B, which can provide an opportunity for malicious actors.
  • 303 See Other: This has the same function as 302, but 303 explicitly indicates that the client should use the GET method to retrieve the resource, which distinguishes it from 302. For example, after a user submits a form, the server may return 303, instructing the client to redirect to another page using the GET method to view the results.
  • 304 Not Modified: When the client sends a conditional request (generally referring to the GET method), the server allows access, but because the request conditions are not met, it directly returns 304. Although 304 is classified under 3XX, it is not related to redirection. For example, if the client browser has cached a webpage and sends a request with the cached timestamp, and the server finds that the webpage content has not been updated, it returns 304, telling the browser, “You can use the cached version, no need to download again.”
  • 307 Temporary Redirect (Temporary Redirect): This has the same meaning as 302, but the difference is that 307 does not change the client’s request method. If the client originally made a POST request, it will still access the new address using the POST method after the redirect.

4xx (Client Error): The server cannot process this request, and the problem lies with the client

  • 400 Bad Request: Indicates that there is a syntax error in the request message. For example, if you send a request to the server and the format of the request does not comply with the HTTP protocol, the server will return 400. For instance, if you are constructing an API request and the parameter format is incorrect, such as writing a parameter that should be a number as a string, this may trigger this status code.
  • 401 Unauthorized: Indicates that the sent request requires authentication information via HTTP. If a 401 request has already been made, it indicates that user authentication has failed. When you access some websites or interfaces that require login without providing the correct username and password, you will receive this status code. It acts like a “security guard” for the website, stopping you without a pass and telling you, “Please show the correct credentials (login information) first.”
  • 403 Forbidden: Indicates that the client’s request for resource access has been denied by the server. Unlike 401, 403 is not due to not being logged in, but even if logged in, your permissions are insufficient to access that resource. For example, if a regular user tries to access backend data that only administrators can view, the server will deny access with a 403, indicating, “You do not have permission to view this.”
  • 404 Not Found: This is one of the most familiar status codes, indicating that the requested resource cannot be found on the server. If you enter an incorrect URL in the browser or a certain page on the website has been deleted, you will see a 404 page. It’s like going to a library to find a book that doesn’t exist; the librarian will tell you, “The book (resource) you are looking for cannot be found.”

5xx (Server Error): The server encountered an error while processing the request

  • 500 Internal Server Error: An error occurred on the server while executing. This status code means that there is an internal problem with the server, which could be due to bugs in the code, database connection errors, or various server-side failures. For example, if a website suddenly becomes inaccessible and displays a 500 error, it is likely that the server-side program encountered an unexpected situation and could not process the request normally.
  • 502 Bad Gateway: This usually occurs in proxy server scenarios (such as Nginx acting as a reverse proxy), indicating that the proxy server received an invalid response from the upstream server (such as the backend application server). You can imagine it as going to an intermediary agency to handle a matter, and the agency contacts the actual department that can handle it, but that department gives the agency an incorrect reply, which the agency can only relay back to you (the client).
  • 503 Service Unavailable: Indicates that the server is currently unable to process the request, usually due to server overload or maintenance. It’s like a restaurant that is too busy for the waitstaff to keep up, or the restaurant is under renovation and temporarily closed; when customers arrive, they will be told, “We are temporarily unable to serve you (server unavailable).”

Application Scenarios and Troubleshooting Approaches for HTTP Status Codes

Application Scenarios

  • Website Optimization and Maintenance: When a website is redesigned and the page paths change, using 301 redirects appropriately can ensure that users and search engines can smoothly find the new pages, protecting website traffic and SEO from being affected; while during temporary adjustments to certain functions of the website, 302 temporary redirects may be used.
  • API Development and Invocation: API interfaces return corresponding status codes based on different request processing results, allowing the client to determine whether the operation was successful based on the status code. For example, in an e-commerce API, a successful order placement returns 200, while insufficient inventory leading to order failure returns 400, facilitating accurate handling of various situations by the frontend application.
  • Troubleshooting: When a website experiences access anomalies, analyzing HTTP status codes can quickly locate the problem. If it is 404, check whether the page has indeed been deleted or if the path is incorrect; if it is 500, investigate server-side code and environmental issues.

Troubleshooting Approaches

  • When encountering 4xx status codes: First, check the client request to confirm whether the request format is correct, whether the parameters meet the requirements, and whether the login information is accurate. If it is 403, further confirm whether the user permission settings are reasonable.
  • When encountering 5xx status codes: Start from the server side, check server logs, inspect whether there are exceptions in the code, whether the database connection is normal, and whether server resources (such as CPU and memory) are overloaded.

HTTP status codes are a very important “language” in the network world. For IT operations personnel, developers, and a wide range of internet users, understanding common HTTP status codes is very useful for optimizing applications during development and troubleshooting issues while using web applications.

Related posts

  1. Understanding HTTPS: A Comprehensive Guide
  2. Learn A Simple HTTP Responder Library in Go
  3. Introduction to Python Web Scraping: HTTP Protocol and Chrome DevTools
  4. Python Web Scraping: HTTP and HTTPS Protocols
  5. Understanding the HTTP Protocol
  6. Skill Summary | HTTP Beginner’s Guide: Let’s Explore the DeepSeek API Together
  7. Detailed Explanation of Heartbeat, Packet Loss Retransmission, and Connection Timeout Mechanisms in the TCP/IP Protocol Stack
  8. HTTP Request and Response Messages
  9. Understanding HTTP Long Connections in Nginx
  10. Can HTTP/2 + SSE Completely Replace WebSocket?
  11. RFC 9725 – WebRTC HTTP Ingestion Protocol (WHIP) Officially Becomes an RFC Standard
  12. Getting Started with HTTP Requests Using Httpie in Python
  13. Understanding HTTP Status Codes: Troubleshooting Made Easy!
  14. Diverse Thinking Models: Algorithms Part 10
  15. Applications of NPU Chips in the Field of Artificial Intelligence
  16. 10 Must-Read Open Source C Language Projects
  17. Basics of HTTP Protocol
  18. An Overview of the HTTP Protocol
  19. Understanding the HTTP/3 Protocol

Leave a Comment