What are HTTP Status Codes?

When a user browses the internet, the client, i.e., the web browser, corresponds with the webserver using HTTP. The user and the client exchange unique three-digit response status codes that refer to the status of a connection or a requested resource in transit, called HTTP Status Code.

In a way, HTTP acts as the traffic signal on the internet highway between browsers and servers, and status codes convey a variety of states, such as ongoing requests, successful connections, and, more importantly, errors and issues that crop up. While some are displayed right on the browser, others are displayed on the console.

Logically classified based on the first digit, HTTP response codes fall under five categories:

• 1xx codes for information relay
• 2xx codes for success validation
• 3xx codes for redirection details
• 4xx codes for client-side errors
• 5xx codes for server-side errors

What are HTTP Error Codes?

The four and five series of HTTP status codes are more serious than the other categories and form the bulk of all HTTP errors. In this article, we will be discussing the most encountered 4xx and 5xx series status codes.

How to Troubleshoot HTTP errors?

Understanding these errors helps understand the possible root causes of errors and how to fix them. While many of these errors are well known, such as 401 - Unauthorized, 404 - Resource Not Found, and 408 - Request Timeout, others are encountered less frequently but are essential to know about for quick troubleshooting.

Depending on the source of the error (client or server), the administrator has to take a specific path to troubleshoot it. Though the error codes do not often zero in on the exact root causes, they indicate the logic with which a server or the client has experienced an issue, giving clues on where to dig further to find the actual root cause. Before investigating deeper, you may want to try the simple fixes first like refreshing browsers to track and spot any erroneous changes and check the log files (including web servers, if any).

Most encountered client-side HTTP error codes

401: Unauthorized

Possible causes

A 401 error occurs when an API request authentication fails. Checking the WWW-Authenticate header can reveal the type of authentication the server expects. The reasons could be a login failure or access denial. A 401 error can also occur when the user requests access to an unauthorized page by actions like copying and pasting restricted URLs.

Solutions to explore

• Rarely, a 401 error could also point to misinterpretation of a user's action by the server. This can be set right by providing the correct login data or by reloading after clearing the cache and cookies.
• If the login data is unavailable, users can reset their passwords or refresh and try logging in again.
• Draft a uniquely designed error page to guide users on what to do next.

403: Forbidden

Possible causes

A 403 error occurs when the server understands the client but denies access to the requested resource. While a 401 error means authorization failed, a 403 error means that access is intentionally not allowed due to a management decision. It happens when an admin sets the permission to bar clients from accessing the page.

Solutions to explore

• If it is not intentionally forbidden, an error 403 may point to a configuration mistake. Admins can fix improper access permissions that have resulted in the unnecessary error.
• Admins can check the index.htm or index.php files in the location of the error and the directory named forbidden in their servers to ensure correct functioning.
• Admins should also ensure that they protect the site from directory browsing by configuring the authorization settings and revisiting firewall settings.
• If the client cannot access the page due to this error, they can raise a support ticket to the website company to report and remedy it.

404: Not Found

Possible causes

The most known among HTTP status codes, a 404 error occurs when an unrecognized URL fails to fetch an absent resource despite having a valid API endpoint. It happens when a location is removed (dead links), when the URL is entered incorrectly, when the server fails, or when a DNS error occurs. Not fixing this error may even dent SEO rankings.

Solutions to explore

• Users can refresh the page after clearing the cache and cookies.
• Users can also check the URL for spelling mistakes, access the page through the directory, or navigate to the page through the search box instead of directly entering the URL.
• Admins can refresh the web links and fix and redirect URLs.
• Admins should check the .htaccess files for lapses.
• Admins can use webmaster tools to spot 404 errors and dead links.
• Admins can personalize their 404 error page content in the root directory to add a unique touch from the brand.

405: Method Not Allowed

Possible causes

A 405 error occurs when a server's request method (like GET, PUT, POST, DELETE) is unsupported. A 405 error occurs when an admin configures the web server in a certain way to suit their context and purpose, such as for security reasons. A 405 error cannot be fixed by a simple refresh, a restart, or cache clearing.

Solutions to explore

• Admins should check if the HTTP method bans were misconfigured, and if so, set them right (for Apache servers, reset bans using AllowMethods).
• If a certain request is forbidden by the hosting provider, admins should contact them for a remedy.
• As a best practice, admins should clean up the source code that prevents access to resources.

429: Too Many Requests

Possible causes

Also known as rate limiting, a 429 error indicates that too many user requests have been placed within a period. It could be linked to daily usage limits, email, and bandwidth restrictions set by the admin to control use.

Solutions to explore

• Admins should check the number of requests received in the server access log and expand provisioning if legitimate.
• Admins can include a Retry After header to indicate the time left to retry.

Most encountered server-side HTTP error codes

500: Internal Server Error

Possible causes

A 500 error is a generic error response that points to a situation where the server cannot respond as expected. At the root, it could be a permission error, a timeout, a failed plugin, an incorrect syntax, or even a memory limit.

Solutions to explore

There are several ways to zero in on the reasons that may have triggered this error.

• With specialized tools like Microsoft Information Services, admins can drill down on the details, like application shutdown, busy web servers, unrecognized or invalid data, and rewrite errors.
• The fixing journey can begin with an escalation to the hosting partner.
• Internally, admins can analyze app log files to observe details on log generation logic to zero in on the exact cause.
• Admins can also check memory management for reallocation possibilities.

502: Bad Gateway

Possible causes

The second most encountered HTTP error code after 404, a 502 error occurs when the server fails to forward a request. It is known as a bad gateway, because the server acts as the gateway that streams data from multiple sources elsewhere.

A 502 error usually includes an appendix pointing to the erroneous endpoint, like 502 Bad Gateway Apache/Nginx. Among the causes for a 502 error include server crashes, overload on web servers (during attacks), faulty PHP code, or firewall-induced connection drops.

Solutions to explore

• Since the issue is usually temporary, advise the user to wait simply.
• If it doesn't fix itself with time, the user can clear their cache and cookies, hard reload the page, or try again in safe browser mode.
• Users can also use website uptime checks to confirm whether the issue is universal or specific to their machine.
• Admins should rule out server failures by checking with the hosting provider.
• Also, admins should check the name server, firewalls, and DNS settings.
• Admins should also check the error log for further clues. It could be a relay between other servers that suffers glitches in transit.

503: Service Unavailable

Possible causes

A 503 error occurs when the server cannot process the request temporarily. This is indicated in the HTTP header response under the Retry-After field. It could have several implications including server maintenance running, an overloaded server due to unexpected traffic surges or attacks, or even a client-side DNS configuration error.

Solutions to explore

The solution needs multiple approaches to find out why the server could not answer the request.

• The user can refresh the browser, restart the computer or router, or change the DNS server configurations.
• If the error develops while using a payment gateway, users should avoid refreshing, as that can result in repeat payments.
• Admins should reach out to hosting partners or server operators if the error is not resolved within a few hours.
• If the error occurs even after refreshing or increasing hosting resources, admins should check for lapses in software updates or programming, such as bad plugins, and fix them.

504: Gateway Timeout

Possible causes

Also known as a connection timeout, this error means that one of the several network gateways, proxies, or cloud servers that a web server relies on to deliver the request has failed to resolve the query. The root cause is an intermediary server or a network connection failing to respond within a timeframe. Such delays break the chain of data transfer, and the webserver attempts to switch to a proxy server, which, when overwhelmed, results in a 504 error. Sometimes, it could also be an ISP-related error, which can be remedied by changing to a different DNS server.

Solutions to explore

• Beyond the server-side errors, it could also be the user router or proxy settings gone wrong.
• Ask the user to restart the web application or access it through another browser.
• If the user cannot load other web apps, they can attempt again after restarting network devices.
• Admins should review the proxy settings and change the DNS server to any of the publicly available ones.
• If all of these attempts fail, admins should escalate it immediately to the hosting partner.

Remembering HTTP error codes helps with instant troubleshooting

HTTP status codes are a great starting point to investigate issues between the web server and the client. Therefore, remembering the important list of status codes and their implications is essential for web administrators to troubleshoot them, repair them, and ensure a great end-user experience.