HTTP Status Codes

Every HTTP status code explained — what it means, why it happens, and how to fix it. For developers and site visitors alike.

Supports code numbers, names, and keywords
Jump: 1xx 2xx 3xx 4xx 5xx

Frequently Asked Questions

What is the difference between 401 and 403?

401 Unauthorized means authentication is required — the server doesn't know who you are. It usually comes with a WWW-Authenticate header prompting you to log in. 403 Forbidden means the server knows who you are (or authentication isn't the issue) but you don't have permission. Think of 401 as "show me your ID" and 403 as "I see your ID but you're not on the list."

What causes a 502 Bad Gateway error?

A 502 appears when a proxy, load balancer, or CDN receives an invalid response from the upstream server it contacted on your behalf. Common causes: the upstream server crashed, is overloaded, restarted mid-request, or returned malformed HTTP headers. The proxy itself is fine — it's what the proxy is talking to that's broken. Check your application server logs and restart it if needed.

What is the difference between 301 and 302 redirects?

301 Moved Permanently tells browsers and search engines that the resource has moved forever — they should update bookmarks and transfer link equity. 302 Found is temporary — clients should keep using the original URL. For SEO purposes, always use 301 for permanent URL changes. Using 302 by mistake on a permanent move can split your ranking signals and cause slow propagation.

Why does HTTP 418 say "I'm a teapot"?

418 is an April Fools' joke from RFC 2324 (1998) — the Hyper Text Coffee Pot Control Protocol. The premise: a server that is, in fact, a teapot should refuse to brew coffee. It was a satirical RFC by Larry Masinter. Despite never being a real error, it survived in IANA's registry and became a beloved joke in web development. Some servers use it to humorously reject bots or unwanted automation.

What is a 429 Too Many Requests and how do I fix it?

429 means you've exceeded a rate limit — sending too many requests in too short a time. Fix as a client: back off and retry after the delay specified in the Retry-After header, implement exponential backoff, and cache responses where possible. As a server: always include a Retry-After header; use sliding window or token bucket algorithms for fair rate limiting.

When should I use 404 vs 410?

Use 404 Not Found when the resource doesn't exist but might in the future (or you're not sure if it ever existed). Use 410 Gone when you know the resource existed previously and has been permanently deleted with no replacement. For SEO, 410 signals search engines to remove the URL from their index faster than 404.