What mean 40x codes?

HTTP status codes in the 400 range, commonly referred to as "40x codes," indicate client errors. These codes are sent by the server to indicate that the client (typically a web browser or other user agent) seems to have made an error or request that cannot be fulfilled by the server. Here are some common 40x status codes:

Monitor your web site pages code changes with our service: issuedetector.com and avoid broken urls!

400 Bad Request:

The server cannot process the request due to a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

A 400 status code is another standard HTTP response code, but unlike the 404 error which indicates a "Not Found" situation, a 400 error signifies a "Bad Request." This means that the server cannot process the request because the client's request is malformed, syntactically incorrect, or violates the server's rules for request formatting.

In simpler terms, the server is saying, "I don't understand your request because it's incorrect or incomplete."

Common reasons for encountering a 400 error include:

1. Malformed syntax in the request (e.g., missing required parameters, incorrect parameter values).
2. Unsupported HTTP method (e.g., using a POST request when only GET is allowed).
3. Too large request size that exceeds server limitations.
4. Invalid request headers.
5. Invalid JSON formatting in API requests.

When a client (typically a web browser) receives a 400 error, it may display a message such as "400 Bad Request," along with additional details about the error. Developers often utilize these error messages to provide users with guidance on how to correct their requests.

401 Unauthorized:

Similar to 403 Forbidden, but specifically for cases where authentication is required and has failed or has not been provided.

A 401 status code is a standard HTTP response code that indicates "Unauthorized." This status code is returned by a server to indicate that the client (such as a web browser or API client) must authenticate itself to get the requested response. In other words, the server is saying that the request lacks valid credentials or authorization to access the requested resource.

When a client receives a 401 error, it means that the server is requiring some form of authentication, and the client needs to provide valid credentials (such as a username and password) to access the requested resource.

Common scenarios leading to a 401 error include:

1. Missing or incorrect authentication credentials.
2. Expired or revoked authentication tokens.
3. Insufficient permissions to access the requested resource.

Upon receiving a 401 error, a web browser might prompt the user to enter login credentials, or an API client may need to include valid authentication tokens in its request.

The server typically includes a "WWW-Authenticate" header in the response, providing information on the authentication method expected by the server. The client can then use this information to provide the necessary credentials in subsequent requests.

402 Payment Required:

Reserved for future use. Originally intended for digital cash or other forms of micropayments.

A 402 status code in HTTP is known as "Payment Required." However,  this status code is not widely used and is not standard practice on the web.

The HTTP/1.1 specification (RFC 7231) defines the 402 status code to be reserved for future use, and there haven't been widely adopted conventions or standardizations for its specific meaning and use.

In theory, a 402 status code could be used to indicate that the client needs to make a payment before it can access a particular resource or service. This could be relevant in scenarios where access to certain content or services is contingent on a payment agreement.

403 Forbidden:

The client does not have permission to access the requested resource. This is a more general form of 401 Unauthorized.

A 403 status code in HTTP is known as "Forbidden." This status code indicates that the server understood the client's request, but the server refuses to authorize the request. In simpler terms, the client is authenticated, but it doesn't have the necessary permissions to access the requested resource.

When a server returns a 403 status code, it is saying that the client's credentials are valid, but it is not allowed to access the specific resource or perform the requested operation due to lack of authorization.

Common scenarios leading to a 403 error include:

1. Insufficient permissions: The user or client does not have the necessary permissions to access the resource.
2. IP blocking: The server may block access to certain IP addresses or ranges.
3. Authentication credentials do not grant access: The user may be authenticated, but their specific role or permissions do not allow access to the requested resource.

Upon receiving a 403 error, the client usually receives a response with a message like "403 Forbidden." The server may also include additional information or headers indicating the reason for the forbidden access.

It's essential for users or developers to review the server's documentation or contact the server administrator to understand the specific authorization requirements for accessing the desired resource.

404 Not Found:

The server cannot find the requested resource. This is a very common code that indicates the requested URL is not valid or the resource does not exist.

A 404 status code is a standard HTTP response code that indicates that the server did not find the requested page. When you encounter a 404 error, it means that the client (usually a web browser) was able to communicate with the server, but the server could not find the requested resource.

In simpler terms, it's like the server saying, "I couldn't locate the webpage you're looking for." This can happen for various reasons, such as the URL being mistyped, the page being moved or deleted, or the server not having the necessary information.

When you see a 404 error in your web browser, it typically displays a message like "404 Not Found" along with other details about the error. Developers often customize these pages to provide users with more information or suggestions on what to do next.

405 Method Not Allowed:

The method specified in the request (e.g., GET, POST, PUT) is not allowed for the specified resource.

A 405 status code in HTTP is known as "Method Not Allowed." This status code indicates that the method specified in the request (such as GET, POST, PUT, DELETE, etc.) is not allowed or supported for the target resource.

In other words, the server recognizes the HTTP method used in the request, but it does not permit that method for the requested resource. This could happen for various reasons, such as restrictions on certain HTTP methods for a particular endpoint or the server not supporting the method at all.

Common scenarios leading to a 405 error include:

1. Using an unsupported HTTP method: Attempting to use a method (e.g., PUT, DELETE) that is not allowed for a particular resource.
2. Missing required parameters: Some resources may require specific parameters for certain methods, and if they are missing, the server may respond with a 405 error.

When a server returns a 405 status code, it often includes an "Allow" header in the response, listing the HTTP methods that are allowed for the specified resource. This information helps the client understand which methods are permitted and can be used in subsequent requests.

For example, a response with a 405 status code might include an "Allow" header like: Allow: GET, POST, indicating that only the GET and POST methods are allowed for the resource.

406 Not Acceptable:

The requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request.

A 406 status code in HTTP is known as "Not Acceptable." This status code indicates that the server cannot produce a response matching the list of acceptable values defined in the request's headers, most commonly in the Accept header.

When a client makes an HTTP request, it can include an Accept header to specify the media types (content types) it can understand or process. The server, in turn, examines this header and, if it cannot provide a response in any of the specified formats, responds with a 406 status code.

Common scenarios leading to a 406 error include:

1. Unsupported media type: The client's specified Accept header requests a media type that the server cannot produce or deliver.
2. No acceptable representation: The server may not have any content that matches the client's specified criteria.

Upon receiving a 406 error, the server may include additional information in the response, such as a list of supported media types or details about why the request cannot be fulfilled.

For example, a server might respond with a 406 status code and an "Accept" header indicating the supported media types: Accept: application/json, text/html.

Clients can use this information to adjust their requests and specify acceptable media types that the server can provide in the response.

407 Proxy Authentication Required:

The client must first authenticate itself with the proxy.

A 407 status code in HTTP is known as "Proxy Authentication Required." This status code is similar to the 401 "Unauthorized" status code, but it specifically indicates that the client must first authenticate itself with a proxy server before making the requested request.

When a client makes a request through a proxy server, and the proxy server requires authentication, it will respond with a 407 status code to indicate that the client needs to provide valid credentials to access the requested resource through the proxy.

Common scenarios leading to a 407 error include:

1. Proxy server requires authentication: The proxy server that the client is using demands authentication before it allows the client's request to pass through.

Upon receiving a 407 error, the client typically needs to provide proxy authentication credentials, such as a username and password, in the request. The client may include a Proxy-Authorization header with the necessary credentials.

For example, the client may send a request with a Proxy-Authorization header like:

The base64-encoded string includes the username and password separated by a colon. It's worth noting that sending passwords without proper encryption (such as using HTTPS) can be a security risk.

408 Request Timeout:

The server timed out waiting for the request. The client may retry the request.

A 408 status code in HTTP is known as "Request Timeout." This status code indicates that the server did not receive a complete request from the client within the server's specified timeout period.

When a client sends a request to a server, it is expected to complete the sending of the request headers and body within a certain timeframe. If the server does not receive the complete request within this timeout period, it responds with a 408 status code.

Common scenarios leading to a 408 error include:

1. Network issues: Slow or unreliable network connections can lead to requests taking longer to reach the server.
2. Client delays: The client may take too long to send the request headers or body.

Upon receiving a 408 error, the client can retry the request, ensuring that it sends the complete request within a reasonable time frame. Additionally, the server might include a Retry-After header in the response to suggest when the client should attempt the request again.

It's essential to note that a 408 status code indicates a timeout during the client's request, not a server processing timeout. If there is a timeout during the server's processing of a request, a different status code, such as 504 Gateway Timeout, is typically used.

409 Conflict:

Indicates that the request could not be completed due to a conflict with the current state of the target resource.

A 409 status code in HTTP is known as "Conflict." This status code indicates that the request could not be completed due to a conflict with the current state of the target resource. In other words, the server is indicating that the requested operation cannot be performed because it would result in a conflict with the current state of the resource.

Common scenarios leading to a 409 error include:

1. Concurrency issues: The client is attempting to update a resource, but there is a conflict with changes made by another party in the meantime.
2. Resource state conflict: The requested operation cannot be completed because it would violate the current state of the resource.

Upon receiving a 409 error, the client may need to resolve the conflict by updating its request to reflect the current state of the resource. This could involve fetching the latest version of the resource, merging changes, or making the necessary adjustments to avoid conflicts.

Developers often provide additional information in the response body or headers to help clients understand the nature of the conflict and how to resolve it.

---------------------------------------------------------------------------------------------------------------------------------------------------------------

These status codes help to diagnose and troubleshoot issues when a client interacts with a web server.

see:

• Why broken links is bad?
• How to detect broken links?
• How fix broken links?