Overview
4xx codes generally are error responses specifying an issue at the client’s end, potentially a network issue.
- 4xx codes can be used as a response to any request method.
- Origin server should include an explanation which should be displayed by User-Agent, with the exception of a
HEADrequest - Custom rules can return any response code in the range 400-499 in your HTML page, if the site owner has created a rule with Block action and configured a custom response code. Refer to custom response](/waf/custom-rules/create-dashboard/#configuring-a-custom-response-for-blocked-requests) for more details.
The following are common 4xx codes and their definitions:
The request was not sent with the proper authentication credentials
- Server must send with at least one challenge in the form of a
WWW-Authenticateheader field according to section 4.1 - Client may send a second request with the same credentials and then if the challenge is identical to the one before, an entity will be provided by the server to help the client find what credentials are needed.
402 Payment Required (
RFC7231)
Not yet implemented by RFC standards but reserved for future use.
403 Forbidden (
RFC7231)
If you’re seeing a 403 error without Cloudflare branding, this is always returned directly from the origin web server, not Cloudflare, and is generally related to permission rules on your server. The top reasons for this error are:
- Permission rules you have set on the origin web server (in the Apache .htaccess for example)
- Mod_security rules
- IP deny rules. You need to make sure that
Cloudflare’s IP ranges aren’t being blocked
Cloudflare will serve 403 responses if the request violated either a default WAF managed rule enabled for all orange-clouded Cloudflare domains or a WAF managed rule enabled for that particular zone. Read more at WAF Managed Rules.
If you’re seeing a 403 response that contains Cloudflare branding in the response body, this is the HTTP response code returned along with many of our security features:
- WAF Custom or Managed Rules with the challenge or block action
- Security Level, that is set to Medium by default
- Most 1xxx Cloudflare error codes
- The Browser Integrity Check
404 Not Found (
RFC7231)
Origin server was unable or unwilling to find the resource requested. This usually means the host server could not find the resource. To serve a more permanent version of this error one should use a 410 error code.
These errors typically occur when someone mistypes a URL on your site when there is a broken link from another page, when a page that previously existed is moved or removed, or there is an error when a search engine indexes your site. For a typical site, these errors account for approximately 3% of the total page views, but they’re often untracked by traditional analytics platforms like Google Analytics.
Website owners usually implement a custom page to be served when this error is generated.
Cloudflare does not generate 404s for customer websites, we only proxy the request from the origin server. When seeing a 404 for your Cloudflare powered site you should contact your hosting provider for help.
405 Method Not Allowed (
RFC7231)
Origin server is aware of the requested resource, but the request method used is not supported.
- Origin server must also provide an
Allowheader with a list of supported targets for that resource.
An example would be a POST on an unchangeable resource the thus only accepts GET.
406 Not Acceptable (
RFC7231)
Resource is not available at the origin that adheres to negotiation headers that were set prior (e.g. via Accept-Charset and Accept-Language headers)
This status code can be replaced by simply serving the less preferred method to the User-Agent in lieu of generating this error.
407 Authentication Required (
RFC 7235)
The client did not send the required authentication with the request.
408 Request Timeout (
RFC7231)
The origin server did not receive the complete request in what it considers a reasonable time.
- Implied the server does not wish to wait and continue the connection.
- Not used much because servers typically choose to use the “close” connection option.
409 Conflict (
RFC7231)
The request did not complete because of a conflict with the current state of the resource. Typically happens on a PUT request where multiple clients are attempting to edit the same resource.
- The server should generate a payload that includes enough information for the client to recognize the source of the conflict.
- Clients can and should retry the request again
Cloudflare will generate and serve a 409 response for a
Error 1001: DNS Resolution Error.
410 Gone (
RFC7231)
The resource requested is permanently missing at the origin.
- The server is suggesting the links reference the resource should be removed.
- The server is not qualified to use this status code over a 404 response nor required to have this response for any specific period of time.
411 Length Required (
RFC7231)
Client did not define the Content-Length of the request body in the headers and this is required to obtain the resource.
- Client may resend the request after adding the header field.
412 Precondition Failed (
RFC 7232)
Server denies the request because the resource failed to meet the conditions specified by the client.
For an example of version control, a client is modifying an existing resource and thus sets the If-Unmodified-Since header to match the date that the client downloaded the resource and began edits. If the resource was edited (likely by another client) after this date and before the upload of the edits, this response will be generated since the date of the last edit will come after the date set in If-Unmodified-Since by the client.
Cloudflare will serve this response. For more information, refer to: ETag Headers
413 Payload Too Large (
RFC7231)
Refusal from the server to process the request because the payload sent from the client is larger than the server wished to accept. Server has the optional to close the connection.
- If this refusal would only happen temporarily, then the server should send a
Retry-Afterheader to specify when the client should try the request again.
414 URI Too Long (
RFC7231)
Refusal from the server that the URI was too long to be processed. For example, if a client is attempting a GET request with an unusually long URI after a POST, this could be seen as a security risk and a 414 gets generated.
Cloudflare will generate this response for a URI longer than 32KB
415 Unsupported Media Type (
RFC7231)
Refusal from the server to process the format of the current payload. One way to identify and fix this issue would be to look at the Content-Type or Content-Encoding headers sent in the client’s request.
416 Range Not Satisfiable (
RFC7233)
The 416 error response code indicates that a server cannot serve the requested ranges. For example:
HTTP/1.1 416 Range Not Satisfiable
Content-Range: bytes */12777
The most common reason is that the file doesn’t include such ranges. Browsers usually either request the entire file again or abort the operation.
417 Expectation Failed (
RFC7231)
Failure of server to meet the requirements specified in the Expect header of the client’s request.
429 Too Many Requests (
RFC6585)
Client has sent too many requests in the specified amount of time according to the server. Often known as “rate-limiting”. Server may respond with information allowing the requester to retry after a specific period of time.
Cloudflare will generate and send this status code when a request is being
rate limited. If visitors to your site are receiving these error codes, you will be able to see this in the Rate Limiting Analytics.
451 Unavailable For Legal Reason (
RFC7725)
Server is unable to deliver the resource due to legal actions.
Typically search engines (e.g. Google) and ISP (e.g. ATT) are the ones affected by this response code and not the origin server.
- The response should include an explanation is the response body with details of the legal demand.
499 Client Close Request
Nginx specific response code to indicate when the connection has been closed by the client while the server is still processing its request, making server unable to send a status code back.
- This will be shown in
Cloudflare Logs and status code analytics for Enterprise customers.
Это перевод с сайта www.bluefrontier.co.uk.
Что означают ошибки с кодами 4XX
Ошибки с кодами 4XX — это ошибки, которые возникают, когда веб-страница не существует или когда доступ к ней ограничен. Обычно это случается из-за неправильно набранного URL-адреса. Если страница недоступна, то она не может обмениваться данными с веб-сервером, в результате чего выводится ошибка 4XX и пользователь не может получить доступ к странице или сайту.
Сначала разберём популярные типы ошибок с кодом 4XX, а потом поговорим о том, как их исправить.
400 Bad Request или «Некорректный запрос»
400 Bad Request возникает при отправке неправильного или поврежденного запроса на веб-сервер. В результате сервер, принимающий запрос, не может его понять.
Как и сообщение об ошибке типа «404 Не найдено», страницы 400 можно нужным образом настраивать.
401 Unauthorized или «Авторизация не пройдена»
HTTP-ошибка 401 говорит о том, что запрос отправлен клиентом, аутентификация которого невозможна. Причина может быть в том, что:
- клиент не предоставил корректные учётные данные вместе со своим запросом;
- клиенту по какой-либо причине запрещён доступ к веб-ресурсу;
- сервер отклонил учетные данные клиента.
403 Forbidden или «Доступ запрещен»
Это сообщение об ошибке отображается при попытке обратиться к странице или веб-ресурсу, доступ к которому строго запрещён. Как правило, в таком случае пользователю будут предоставлены базовые указания для решения этой проблемы.
404 Not Found или «Страница не найдена»
Страница с ошибкой 404 будет показана пользователю при переходе по «битым» ссылкам. В результате он не сможет получить доступ к соответствующей странице. Ошибка «Cтраница не найдена» обычно вызвана некорректным URL-адресом или тем, что данная страница уже перестала быть общедоступной.
Также ошибка 404 может возникнуть, если на страница или ресур «переехали» на другой URL, но перенаправление со старого URL-адреса на новый не настроено.
Эта ошибка указывает на то, что сервер доступен, но конкретная страница, на которую вы пытаетесь попасть, недоступна.
Как выглядят ошибки с кодами 4XX
Ошибки 4XX легко выявить — они появляются в окне браузера и обычно объясняют, что именно произошло. На рисунке ниже показаны примеры сообщений, которые могут быть выведены пользователю:
Как исправить ошибку с кодом 4XX
- Проверьте URL-адрес, не ошиблись ли вы, когда печатали его? Если адрес сайта набран неправильно, то, скорее всего, вы увидите ошибку «404 — Not Found».
- Очистите файлы cookie и кэш браузера. Возможно, ваш браузер пытается использовать недействительные или просроченные файлы cookie. Возможно, ваш браузер сохранил в кэше поврежденную версию страницы, которую вы пытаетесь открыть, поэтому возвращается ошибка 400 Bad Request.
Как очистить cookie и кэш браузера
Обычно это делается в настройках браузера. Они всегда находятся в верхнем правом углу экрана.
В Google Chrome: Настройки → Безопасность и конфиденциальность → Очистить историю.
В Яндекс.Браузере: Настройки → Системные → Очистить историю.
В Mozilla Firefox: Настройки → Приватность и защита → Куки и данные сайтов → Удалить данные.
- Обратите внимание на то, что причина ошибки может быть в сервере, принимающем запрос. Некоторые серверы не настроены на отправку более информативных сообщений и присылают просто ошибку. Например, вы загружаете на сайт слишком большой файл. Вместо указания на то, что размер файла превышает максимально допустимый, сервер отправляет HTTP-ошибку с кодом 400.
- Обновите страницу, это то же самое, что выключить и снова включить какое-нибудь устройство. Это действие не всегда помогает, но попробовать стоит. Просто нажмите клавишу F5, и ваш браузер перезагрузит страницу. Если вы всё равно получаете ошибку, то можно, придерживаясь того же подхода, попробовать перезагрузить компьютер.
- Попробуйте воспользоваться поиском по сайту. Не всегда легко заметить, что URL-адрес набран неправильно, особенно, если в нём вместо понятных слов используются цифры и символы. Если вы наберёте в браузере «site.com:ключевое слово», то в поисковой выдаче должны появиться страницы сайта, содержащие этот запрос. Это эффективный способ поиска страниц, у которых могут быть новые URL-адреса.
- Для проверки зайдите на другие сайты. Если вы постоянно видите HTTP-ошибки, причиной может быть ваш компьютер или сетевое оборудование. Попробуйте зайти на другие сайты и посмотреть, не появляется ли на них HTTP-ошибка с кодом 4XX.
- Если вы пытаетесь где-то авторизоваться, чтобы получить доступ к определённым данным, проверьте, что используете правильный URL-адрес. URL-адреса могут обновляться или изменяться, поэтому если вы когда-то добавили страницу в закладки, то сейчас она может быть уже неактуальной. Также важно убедиться, что вы используете правильные данные для входа в систему, поскольку неправильные могут привести к появлению сообщения об ошибке с кодом 401.
- Если ничего из вышеперечисленного не помогает, свяжитесь с администраторами сайта.
Ошибки 4XX: негативное влияние на SEO
Когда внутренняя ссылка на страницу сайта или внешняя ссылка, ведущая на ваш сайт с другого ресурса меняется, удаляется или не работает, такую ссылку называют «битой». Она не позволит увидеть пользователю соответствующий контент. Вместо этого появится сообщение об ошибке с кодом 4XX.
Чаще всего это сообщение выглядит примерно так: «400: Bad Request», «400: некорректный запрос» или «HTTP-ошибка с кодом 400».
Полезно: Полный гайд по кодам ответа сервера 1**, 2**, 3**, 4**,5**
Внутренние ссылки
С точки зрения SEO важно исправлять битые внутренние ссылки, поскольку они мешают поисковым системам правильно индексировать ваш сайт. Более того, с позиции бизнеса, из‑за битых ссылок ваш сайт будет выглядеть непрофессионально, а это уже может дать повод полагать, что на таком же уровне организован и весь бизнес. Когда появляется страница с ошибкой, особенно стандартная, ваш посетитель и потенциальный клиент просто уйдёт к конкуренту.
К счастью, у Google есть Search Console — инструмент, который позволяет легко отслеживать битые ссылки и составлять графики с данными по ним.
Для этого зайдите в Google Search Console и перейдите в «Настройки» → «Статистика сканирования». Обратите внимание на поле «По ответу» — в нём указано количество страниц с ошибками:
Кликнув на ошибки, вы увидите какие именно страницы сайта отдают эти ошибки.
Кроме того, инструмент обнаружения битых ссылок на сайте есть у Топвизора. Перейдите в Аудит → Ссылки. Инструмент покажет ошибки:
В некоторых случаях, например, для Wordpress, Drupal и Joomla, есть встроенное расширение, которое вы можете использовать для автоматической проверки на наличие битых ссылок.
Внешние ссылки
Внешние ссылки или, как их ещё называют, «входящие ссылки», могут стать «битыми» из‑за изменения URL‑адреса или местоположения контента, а также из‑за допущенной ошибки в самом URL‑адресе.
В результате такие ссылки негативно влияют на ранжирование вашего сайта в поисковых системах и на впечатления посетителей от использования сайта.
Как «лечить» битые ссылки
Вот несколько возможных вариантов.
Исправьте сами ссылки или настройте редирект
Сначала необходимо обнаружить битую ссылку. Как и в случае с внутренними ссылками, проверьте ошибки сканирования в Google Search Console, найдите все ссылки с ошибками и их источник.
После обнаружения источника, свяжитесь с вебмастером ресурса и попросите исправить ссылку. Если по каким‑то причинам вы не можете связаться с ним, настройте редирект (301‑й код состояния HTTP) на исходную статью. Google с радостью перенесёт всю ссылочную ценность с вашей битой ссылки на текущую.
Инструкция по настройке 301‑го редиректа от Google
Чем больше входящих ссылок связано со страницей, тем выше её позиции в ранжировании, поэтому нужно тщательно продумывать удаление или изменение имён файлов страниц.
Поддерживайте распределение ссылочного веса
«Ссылочный вес» служит своеобразной валютой в поисковике Google и используется в алгоритмах поисковых систем для определения рейтинга сайта или страницы. Страницы связаны между собой ссылками, и их ценность передаётся от одной страницы к другой. Если ссылка не работает, то передача ссылочного веса прекращается, и он теряется. Это может сильно повлиять на ранжирование сайта и ухудшить впечатления пользователей от сайта, снижая его посещаемость.
Создавая пользовательскую страницу для сообщения об ошибке с кодом 404, вы можете перенаправить пользователя либо на главную страницу сайта, либо на предыдущую страницу, чтобы вернуть его на шаг назад. Несмотря на то, что пользователю отображается страница с сообщением об ошибке, он может легко вернуться на предыдущую посещенную страницу сайта без необходимости заново начинать весь процесс.
Перенаправляя посетителей на предыдущие страницы, сайт сохраняет ссылочный вес, который в противном случае был бы потерян.
Создавайте нестандартные страницы с ошибкой 404
Страница с ошибкой 404 служит для информирования посетителя сайта о том, что страница не может быть найдена, например из‑за нерабочей ссылки или даже просто опечатки.
Мы предлагаем создавать нестандартные страницы с ошибкой на вашем сайте. У такой страницы есть несколько преимуществ.
Во‑первых, нестандартная страница с сообщением об ошибке гораздо проще в понимании. У посетителя сайта будет складываться впечатление, что сайтом всё еще кто‑то занимается, в отличие от стандартной страницы об ошибке, которая свидетельствует о том, что сайт, возможно, давно не обновляли.
Но ещё важнее то, что пользовательская страница с ошибкой 404 может помочь пользователю найти именно то, что он искал. А это позволит не упустить трафик, если у вас окажется много битых ссылок. У Google есть несколько хороших советов по созданию полезной страницы с ошибкой 404.
Не игнорируйте ошибки с кодами 4XX, потому что они сильно влияют на впечатления посетителей сайта. Если вы вдруг ещё не знали, алгоритмы Google ориентированы на обеспечение максимально положительного пользовательского опыта.
Хотя битые ссылки — только один из многочисленных факторов, которые учитывает поисковой робот Google, они могут привести к потере ценного трафика, поскольку пользователи разочаровываются, когда переходят по нерабочим ссылкам на несуществующие страницы. В конечном счёте битые ссылки негативно отразятся на поведенческих факторах сайта и, как следствие, на его эффективности с точки зрения SEO.
Types of HTTP Status Codes
Before moving on to 1xx status codes, it is best to know that there are five categories into which we can divide HTTP response codes.
- 1xx Status Codes for information.
- 2xx Status Codes indicate that a request has been processed properly.
- 3xx Status Codes for redirection advise the client that the requested resource is accessible elsewhere on the server.
- 4xx Status Codes for client errors primarily comes from the browser, because the required parameters to visit the requested URL are lacking.
- 5xx Status Codes for Server Errors indicate that the request could not be processed.
Introduction
When a client’s request is received with an error, a web server responds with the HTTP status code 4xx. For the purposes of debugging, you can presume that a 4xx code means the browser sent the server the incorrect request, which it was unable to complete. To get the right response, you must verify your browser and send the right request once more.
For instance, using the proper login and password, to access password-protected pages. An explanation for each HTTP 4xx status code is provided below. Keep in mind that these are status codes (and not error codes), which, while usually just providing information, may occasionally signal a mistake.
400 Bad Request Status Code
When the server is unable to understand the request because of an invalid syntax, then we get 400 Bad Request in response.
References for 400 Status Code
- HTTP Status Constant for Python2
httplib.BAD_REQUEST - HTTP Status Constant for Python3.5+
http.HTTPStatus.BAD_REQUEST - HTTP Status Constant for Go
http.StatusBadRequest - HTTP Status Constant for Python3+
http.client.BAD_REQUEST - HTTP Status Symbol for Rails
bad_request - HTTP Status Constant for Symfony
Response::HTTP_BAD_REQUEST
401 Unauthorized Status Code
When sending a 401 response, the server MUST provide a WWW-Authenticate header field with at least one challenge that is relevant to the target resource.
The 401 response means that authorization has been denied for the authentication credentials if the request includes them. A new or updated Authorization header field may be included in the request when the user agent repeats it.
The user agent SHOULD show the enclosed representation to the user if the 401 response contains the same challenge as the previous response and at least one authentication attempt has been made by the user agent. This is because the enclosed representation frequently includes pertinent diagnostic data.
References for Code 401
- HTTP Status Constant for Go
http.StatusUnauthorized - HTTP Status Constant for Python2
httplib.UNAUTHORIZED - HTTP Status Constant for Python3.5+
http.HTTPStatus.UNAUTHORIZED - HTTP Status Constant for Symfony
Response::HTTP_UNAUTHORIZED - HTTP Status Constant for Python3+
http.client.UNAUTHORIZED - HTTP Status Symbol for Rails
unauthorized
402 Payment Required Status Code
The response with the status code 402 Payment Required is reserved for later use. It was initially developed to be used in digital payment systems, however it is infrequently used and there is no established protocol for doing so.
References for Code 402
- HTTP Status Constant for Python3+
http.client.PAYMENT_REQUIRED - HTTP Status Constant for Go
http.StatusPaymentRequired - HTTP Status Symbol for Rails
:payment_required - HTTP Status Constant for Python2
httplib.PAYMENT_REQUIRED - HTTP Status Constant for Symfony
Response::HTTP_PAYMENT_REQUIRED
403 Forbidden Status Code
If a server wants to disclose the reason the request was declined, it can do so in the response payload (if any).
The server deems the authentication credentials insufficient to enable access if they were included in the request. The client SHOULD NOT resubmit the request with the same credentials automatically. With changed or alternative credentials, the client MAY resubmit the request. A request, however, may be rejected for factors unrelated to the credentials.
An origin server that wants to “conceal” the fact that a target resource is currently banned MAY instead reply with the response code 404 Not Found.
References for Code 403
- HTTP Status Symbol for Rails
:forbidden - HTTP Status Constant for Go
http.StatusForbidden - HTTP Status Constant for Python3+
http.client.FORBIDDEN - HTTP Status Constant for Symfony
Response::HTTP_FORBIDDEN - HTTP Status Constant for Python3.5+
http.HTTPStatus.FORBIDDEN - HTTP Status Constant for Python2
httplib.FORBIDDEN
404 Not Found Status Code
The 410 Gone status code is recommended over 404 if the origin server understands, presumably through some configurable means, that the state is likely to be persistent. A 404 status code does not specify whether this loss of representation is temporary or permanent.
Unless explicitly stated differently by the method description or specific cache controls1, a 404 response is cacheable by default.
References for Code 404
- HTTP Status Constant for Python2
httplib.NOT_FOUND - HTTP Status Constant for Python3+
http.client.NOT_FOUND - HTTP Status Symbol for Rails
:not_found - HTTP Status Constant for Python3.5+
http.HTTPStatus.NOT_FOUND - HTTP Status Constant for Go
http.StatusNotFound - HTTP Status Constant for Symfony
Response::HTTP_NOT_FOUND
405 Method Not Allowed Status Code
An allow header field providing a list of the current supported methods for the target resource MUST be generated by the origin server in a 405 response.
A 405 response is cacheable by default, unless the method specification or explicit cache controls specify otherwise.
References for Code 405
- HTTP Status Constant for Python3+
http.client.METHOD_NOT_ALLOWED - HTTP Status Constant for Go
http.StatusMethodNotAllowed - HTTP Status Constant for Symfony
Response::HTTP_METHOD_NOT_ALLOWED - HTTP Status Constant for Python3.5+
http.HTTPStatus.METHOD_NOT_ALLOWED - HTTP Status Symbol for Rails
:method_not_allowed - HTTP Status Constant for Python2
httplib.METHOD_NOT_ALLOWED
406 Not Acceptable Status Code
The user or user agent can select the most relevant representation characteristic from a list of available representation characteristics and accompanying resource identifiers that the server SHOULD produce. A user agent MAY choose the best option from that list automatically.
References for Code 406
- HTTP Status Constant for Go
http.StatusNotAcceptable - HTTP Status Symbol for Rails
:not_acceptable - HTTP Status Constant for Python3.5+
http.HTTPStatus.NOT_ACCEPTABLE - HTTP Status Constant for Python2
httplib.NOT_ACCEPTABLE - HTTP Status Constant for Symfony
Response::HTTP_NOT_ACCEPTABLE - HTTP Status Constant for Python3+
http.client.NOT_ACCEPTABLE
407 Proxy Authentication Required Status Code
The destination resource requires the proxy to transmit a Proxy-Authenticate header field with a challenge specific to that proxy. The client MAY submit the request again with a modified or new Proxy-Authorization header field.
References for Code 407
- HTTP Status Constant for Go
http.StatusProxyAuthRequired - HTTP Status Constant for Python3.5+
http.HTTPStatus.PROXY_AUTHENTICATION_REQUIRED - HTTP Status Symbol for Rails
:proxy_authentication_required - HTTP Status Constant for Python2
httplib.PROXY_AUTHENTICATION_REQUIRED - HTTP Status Constant for Symfony
Response::HTTP_PROXY_AUTHENTICATION_REQUIRED - HTTP Status Constant for Python3+
http.client.PROXY_AUTHENTICATION_REQUIRED
408 Request Timeout Status Code
Since 408 means that the server has decided to stop the connection rather than keep waiting, a server SHOULD supply the “close” connection option in the response. The client MAY make the same request again over a different connection if there is an unfinished request in transit.
Reference for Code 408
- HTTP Status Constant for Python3.5+
http.HTTPStatus.REQUEST_TIMEOUT - HTTP Status Constant for Symfony
Response::HTTP_REQUEST_TIMEOUT - HTTP Status Constant for Python2
httplib.REQUEST_TIMEOUT - HTTP Status Symbol for Rails
:request_timeout - HTTP Status Constant for Python3+
http.client.REQUEST_TIMEOUT - HTTP Status Constant for Go
http.StatusRequestTimeout
409 Conflict Status Code
The server SHOULD produce a payload with sufficient details to allow a user to identify the conflict’s origin.
The most common time for conflicts to arise is in response to a PUT request. The origin server may use a 409 response to say that it cannot fulfil the request, for instance, if versioning is being utilized and the representation being PUT contains changes to a resource that contradict with those made by an earlier (third-party) request. Based on the revision history, the response representation in this scenario would probably include data that would be relevant for merging the differences.
Reference for Code 409
- HTTP Status Symbol for Rails
:conflict - HTTP Status Constant for Python3+
http.client.CONFLICT - HTTP Status Constant for Symfony
Response::HTTP_CONFLICT - HTTP Status Constant for Go
http.StatusConflict - HTTP Status Constant for Python3.5+
http.HTTPStatus.CONFLICT - HTTP Status Constant for Python2
httplib.CONFLICT
410 Gone Status Code
If the origin server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 Not Found ought to be used instead.
The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable and that the server owners desire that remote links to that resource be removed. Such an occurrence is typical for temporary, promotional services as well as for resources belonging to users who are no longer connected to the origin server’s website. It is up to the server owner to decide whether to mark all resources that are inaccessible permanently as «gone» or to preserve the mark for an extended period of time.
A 410 answer is cacheable by default, that is, unless the method specification or explicit cache controls specify otherwise.
References for Code 410
- HTTP Status Constant for Python3.5+
http.HTTPStatus.GONE - HTTP Status Symbol for Rails
:gone - HTTP Status Constant for Symfony
Response::HTTP_GONE - HTTP Status Constant for Go
http.StatusGone - HTTP Status Constant for Python3+
http.client.GONE - HTTP Status Constant for Python2
httplib.GONE
411 Length Required Status Code
If the client includes a valid Content-Length header field in the request message with the length of the message body, it MAY repeat the request.
References for Code 411
- HTTP Status Symbol for Rails
:length_required - HTTP Status Constant for Python3+
http.client.LENGTH_REQUIRED - HTTP Status Constant for Go
http.StatusLengthRequired - HTTP Status Constant for Symfony
Response::HTTP_LENGTH_REQUIRED - HTTP Status Constant for Python3.5+
http.HTTPStatus.LENGTH_REQUIRED - HTTP Status Constant for Python2
httplib.LENGTH_REQUIRED
412 Precondition Failed Status Code
With the help of this response code, the client can impose conditions on the state of the resource at the time of the request (including its representations and metadata) and so prevent the request method from being used if the resource is in an unexpected situation.
References for Code 412
- HTTP Status Constant for Python3+
http.client.PRECONDITION_FAILED - HTTP Status Constant for Python2
httplib.PRECONDITION_FAILED - HTTP Status Symbol for Rails
:precondition_failed - HTTP Status Constant for Python3.5+
http.HTTPStatus.PRECONDITION_FAILED - HTTP Status Constant for Go
http.StatusPreconditionFailed - HTTP Status Constant for Symfony
Response::HTTP_PRECONDITION_FAILED
413 Payload Too Large Status Code
To stop the client from submitting another request, the server COULD cut off the connection.
When a condition is transient, the server SHOULD create a Retry-After header field to specify that it is transient and the window of time during which the client MAY attempt a new request.
References for Code 413
- HTTP Status Constant for Python3.5+
http.HTTPStatus.REQUEST_ENTITY_TOO_LARGE - HTTP Status Constant for Python2
httplib.REQUEST_ENTITY_TOO_LARGE - HTTP Status Constant for Go
http.StatusRequestEntityTooLarge - HTTP Status Symbol for Rails
:request_entity_too_large - HTTP Status Constant for Symfony
Response::HTTP_REQUEST_ENTITY_TOO_LARGE
414 Request-URI Too Long Status Code
This uncommon occurrence is only likely to happen when a client misconverts a POST request to a GET request with extensive query information, when the client falls into a «black hole» of redirection (for example, a redirected URI prefix that points to a suffix of itself), or when the server is being attacked by a client trying to exploit potential security flaws.
A 414 response is cacheable by default, unless the method description or explicit cache controls2 state otherwise.
References for Code 414
- HTTP Status Constant for Go
http.StatusRequestURITooLong - HTTP Status Constant for Python3+
http.client.REQUEST_URI_TOO_LONG - HTTP Status Symbol for Rails
:request_uri_too_long - HTTP Status Constant for Symfony
Response::HTTP_REQUEST_URI_TOO_LONG - HTTP Status Constant for Python2
httplib.REQUEST_URI_TOO_LONG - HTTP Status Constant for Python3.5+
http.HTTPStatus.REQUEST_URI_TOO_LONG
The request’s specified Content-Type or Content-Encoding, or a direct inspection of the contents, may have caused the format issue.
References for Code 415
- HTTP Status Constant for Python2
httplib.UNSUPPORTED_MEDIA_TYPE - HTTP Status Symbol for Rails
:unsupported_media_type - HTTP Status Constant for Python3.5+
http.HTTPStatus.UNSUPPORTED_MEDIA_TYPE - HTTP Status Constant for Python3+
http.client.UNSUPPORTED_MEDIA_TYPE - HTTP Status Constant for Go
http.StatusUnsupportedMediaType - HTTP Status Constant for Symfony
Response::HTTP_UNSUPPORTED_MEDIA_TYPE
416 Requested Range Not Satisfiable Status Code
When a byte range fails to overlap the current extent, it signifies that all of the byte range specification values’ first-byte positions were longer than the current length of the chosen representation. Sender MUST create a Content-Range header field indicating the current length of the chosen representation when this status code is produced in response to a byte-range request2.
Example:
HTTP/1.1 416 Range Not Satisfiable
Date: Fri, 20 Jan 2012 15:41:54 GMT
Content-Range: bytes */47022
Note: Since servers are free to ignore Range, many implementations will just send back a 200 OK response that contains the complete specified representation. This is somewhat due to the fact that most clients are ready to finish the work (albeit less effectively) after receiving a 200 OK, and partially due to the possibility that clients won’t cease issuing invalid partial requests until they have obtained a complete representation. Therefore, even when it is most appropriate, clients cannot rely on getting a 416 Range Not Satisfiable response.
References for Code 416
- HTTP Status Constant for Symfony
Response::HTTP_REQUESTED_RANGE_NOT_SATISFIABLE - HTTP Status Constant for Python3+
http.client.REQUESTED_RANGE_NOT_SATISFIABLE - HTTP Status Symbol for Rails
:requested_range_not_satisfiable - HTTP Status Constant for Python2
httplib.REQUESTED_RANGE_NOT_SATISFIABLE - HTTP Status Constant for Python3.5+
http.HTTPStatus.REQUESTED_RANGE_NOT_SATISFIABLE - HTTP Status Constant for Go
http.StatusRequestedRangeNotSatisfiable
417 Expectation Failed Status Code
The 417 Expectation Failed status code denotes that the server was unable to fulfil the expectation specified in the Expect request-header field.
References for Code 417
- HTTP Status Constant for Python2
httplib.EXPECTATION_FAILED - HTTP Status Symbol for Rails
:expectation_failed - HTTP Status Constant for Python3.5+
http.HTTPStatus.EXPECTATION_FAILED - HTTP Status Constant for Symfony
Response::HTTP_EXPECTATION_FAILED - HTTP Status Constant for Go
http.StatusExpectationFailed - HTTP Status Constant for Python3+
http.client.EXPECTATION_FAILED
418 I’m A Teapot Status Code
This status code makes reference to the 1998 April Fool’s Day release of the Hyper Text Coffee Pot Control Protocol.
Websites may utilise this status code even if it was originally intended as a joke. For requests they don’t want to handle, like automated queries, several websites utilise 418s. The use of 418 is uncommon and not typically regarded as best practise.
However, it can be amusing to read through the Hyper Text Coffee Pot Control Protocol.
References for Code 418
- HTTP Status Constant for Symfony
Response::HTTP_I_AM_A_TEAPOT - HTTP Status Constant for Go
http.StatusTeapot
421 Misdirected Request Status Code
Regardless of whether the request method is idempotent or not, clients who receive a 421 Misdirected Request response from a server MAY attempt the request via a separate connection. This is conceivable if a connection is reused1 or ALT-SVC is used as an alternate service.
PROXIES MUST NOT produce this status code.
A 421 response is cacheable by default, that is, unless the method specification or explicit cache controls2 specify otherwise.
References for Code 421
- HTTP Status Symbol for Rails
:misdirected_request
422 Unprocessable Entity Status Code
If an XML request body contains well-formed (syntactically valid) but incorrect semantic XML instructions, then this error condition may occur.
References for Code 422
- HTTP Status Symbol for Rails
:unprocessable_entity - HTTP Status Constant for Symfony
Response::HTTP_UNPROCESSABLE_ENTITY
423 Locked Status Code
A suitable precondition or postcondition code, such as «lock-token-submitted» or «no-conflicting-lock,» SHOULD be included in this response.
References for Code 423
- HTTP Status Symbol for Rails
:locked - HTTP Status Constant for Symfony
Response::HTTP_LOCKED
424 Failed Dependency Status Code
If one of the commands in a PROPPATCH method fails, at the very least the remaining commands will likewise fail with the error code 424 Failed Dependency.
References for Code 424
- HTTP Status Constant for Symfony
Response::HTTP_FAILED_DEPENDENCY - HTTP Status Symbol for Rails
failed_dependency - HTTP Status Constant for Python
httplib.FAILED_DEPENDENCY
426 Upgrade Required Status Code
To identify the necessary protocol(s), the server MUST provide an Upgrade header field in a 426 response.
Example:
HTTP/1.1 426 Upgrade Required
Upgrade: HTTP/3.0
Connection: Upgrade
Content-Length: 53
Content-Type: text/plain
This service requires use of the HTTP/3.0 protocol.
References for 426 Code
- HTTP Status Symbol for Rails
:upgrade_required - HTTP Status Constant for Symfony
Response::HTTP_UPGRADE_REQUIRED
428 Precondition Required Status Code
Its typical application is to prevent conflicts caused by «lost updates,» in which a client GETs the state of a resource, modifies it, then PUTs it back to the server while another party has changed the state on the server. The server can ensure that clients are using the right copy by demanding conditional requests.
Responses with this status code SHOULD provide instructions on how to correctly resubmit the request. For instance:
HTTP/1.1 428 Precondition Required
Content-Type: text/html
<html>
<head>
<title>Precondition Required</title>
</head>
<body>
<h1>Precondition Required</h1>
<p>This request is required to be conditional; try using "If-Match".</p>
</body>
</html>
ℹ️
Responses with the status code 428 SHOULD NOT be cached.
References for Code 428
- HTTP Status Constant for Symfony
Response::HTTP_PRECONDITION_REQUIRED
429 Too Many Requests Status Code
A Retry-After header that specifies how long to wait before submitting a new request MAY be included in the response representations, which SHOULD also include information detailing the situation.
Example:
HTTP/1.1 429 Too Many Requests
Content-Type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>I only allow 50 requests per hour to this Web site per
logged in user. Try again soon.</p>
</body>
</html>
Be aware that neither how the origin server recognises the user nor how it counts requests is specified in this standard. For instance, an origin server can impose a limit on the number of requests it accepts based on counts of requests made for each resource, over the entire server, or even across a group of servers. Additionally, a stateful cookie or the user’s authentication credentials may be used to identify them.
ℹ️
Responses with the status code 429 SHOULD NOT be cached.
References for Code 429
- HTTP Status Constant for Symfony
Response::HTTP_TOO_MANY_REQUESTS
It can be applied both when a single header field is at fault and when the overall collection of request header fields is too large. The response representation SHOULD identify which header field was too large in the latter scenario.
For instance:
HTTP/1.1 431 Request Header Fields Too Large
Content-Type: text/html
<html>
<head>
<title>Request Header Fields Too Large</title>
</head>
<body>
<h1>Request Header Fields Too Large</h1>
<p>The "Example" header was too large.</p>
</body>
</html>
ℹ️
Responses with the status code 431 SHOULD NOT be cached.
References for Code 431
- HTTP Status Constant for Symfony
Response::HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE
444 Connection Closed Without Response Status Code
This status code only appears in the nginx log files and is not visible to clients.
451 Unavailable for Leagal Reasons Status Code
It’s possible that the questioned server is not an origin server. ISPs and search engines are often the entities most immediately impacted by this kind of legislative requirement.
An explanation of the specifics of the legal demand, including the party making it, the relevant law or regulation, and the classifications of people and resources it pertains to, SHOULD be included in responses with this status code. For instance:
HTTP/1.1 451 Unavailable For Legal Reasons
Link: <https://spqr.example.org/legislatione>; rel="blocked-by"
Content-Type: text/html
<html>
<head>
<title>Unavailable For Legal Reasons</title>
</head>
<body>
<h1>Unavailable For Legal Reasons</h1>
<p>This request may not be serviced in the Roman Province
of Judea due to the Lex Julia Majestatis, which disallows
access to resources hosted on servers deemed to be
operated by the People's Front of Judea.</p>
</body>
</html>
The usage of the 451 status code does not imply that the resource named in the request is either present or absent. That is to say, even if the legal requirements were lifted, a request for the resource might still be denied.
Keep in mind that clients can frequently still access the blocked resource by employing technical workarounds like a VPN or the Tor network.
A 451 response is cacheable by default, that is, unless the method specification or explicit cache controls specify otherwise.
References for Code 451
- HTTP Status Constant for Symfony
Response::HTTP_UNAVAILABLE_FOR_LEGAL_REASONS
499 Client Closed Request Status Code
A unique status code that Nginx introduced for the situation where a client cuts off the connection while Nginx is handling the request.
Conclusion
A 4xx Client Error status code indicates that the requested website or page was not available or that the request had improper syntax. You should try to avoid these as a website owner because they indicate that your visitors won’t find what they’re looking for. It could be pages that can’t be discovered and are either gone temporarily or permanently. Additionally, providing a poor user experience, it can harm your SEO efforts.
Search code, repositories, users, issues, pull requests…
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign up
If you are new to the internet and have just started browsing online content, you will likely encounter various types of HTTP errors, with 4XX error types being quite common. These messages are displayed when there’s a problem communicating between a web server and a browser.
These 4XX errors can be confusing and intimidating for any individual. Therefore, it is natural to wonder whether something has gone wrong on your side or if there is a problem with your system.
The 4XX errors, in particular, indicate client-side errors, meaning the problem is caused by the user or client device rather than the server. In this article, we’ll explore what 4XX errors are, their causes, types, and how to avoid them.
So let us get started then!
The 4XX error code means that there’s a problem with the client’s request i.e. the error is caused by the user or the client device rather than the server.
The client-side error response range is from 400 to 499. These errors are different from 5xx errors, which indicate a server-side error.
These errors can occur due to a variety of reasons and can have a negative impact on SEO as well as user experience
For example, a 404 error message means that the client requested a page that doesn’t exist on the server.
Read: 🚩 A Complete Guide to Understanding HTTP Status Codes
What are the common causes of 4XX errors?
There are several reasons why 4xx errors occur, including:
- Incorrect URLs or links: This happens when a user tries to access a page with a wrong URL or a broken link.
- Expired or invalid sessions or cookies: When a user tries to access a website with an expired or invalid session, they’ll encounter a 4xx error.
- User authentication issues: When a user tries to access a page without the proper authentication or credentials, they’ll receive a 4xx error.
- Server or website configuration errors: These errors happen when there’s an issue with the server or website configuration, such as the web server is down, the server is overloaded, or there’s a misconfiguration.
How 4xx errors are different from 5xx errors?
4xx errors and 5xx errors are HTTP status codes that indicate different types of errors that can occur when a user tries to access a web page. The main difference between these two categories of errors is their origin or source.
4xx errors are client-side errors, which means that the problem originates from the user’s side, such as a mistyped URL or an outdated cached version of the page. Some common examples of 4xx errors include “404 Not Found” and “403 Forbidden”.
On the other hand, 5xx errors are server-side errors, which means that the problem originates from the server hosting the website. These errors are typically caused by issues such as server overload, configuration problems, or coding errors.
Some common examples of 5xx errors include “500 Internal Server Error” and “503 Service Unavailable“.
In short, 4xx errors indicate client-side issues while 5xx errors indicate server-side issues.
Types of 4xx Error with their meaning and Fixes
There are several different types of 4XX errors, each with its own unique meaning and potential solutions. Here is a list of some of the most common types of 4xx errors you might encounter on a daily basis.
400 Bad Request
This error occurs when the server cannot understand the request due to malformed syntax. It indicates that there is a syntax error in the request made by the user agent. This error can Cause due to,
- Typed incorrect URL or used some characters that are not allowed.
- Uploading a large file that exceeds the threshold limit.
- Cookies and cache memory that have been stored in the browser get corrupted.
To fix this error, All you have to do is,
- Carefully type the URL in the address bar and recheck the URL for any typo errors.
- Clear your Browser History, Cookies, and cache from your browser as well as DNS cache.
- Disable or deactivate Extensions that you installed on your browser.
401 Unauthorized
This error occurs when the user is not authenticated or has failed to provide proper authentication. It indicates the request made is Unauthorized and it needs user authentication. The response from the server along with this status code includes a WWW-Authenticate header field which contains an authentication challenge to be fulfilled by the user agent.
Causes:
- Incorrect login credentials
- Expired login credentials
- Missing authentication token
- Incorrect authentication method
To fix this 401 Unauthorized error you have to do is,
- Check login credentials
- Refresh authentication token
- Check authentication method
- Provide helpful error messages
402 Status Code –Payment Required
HTTP 402 is a status code that indicates payment is required to access the requested resource. It is a nonstandard status code, that is specially reserved for future use.
Causes:
- Payment errors
- Internal troubleshooting
- A failed attempt to access resources that required payment
- An issue with the payment Gateway
- Incorrect payment details
- Technical difficulties with the website
Fixes:
- Check payment details
- Use a different payment method
- Clear cache and cookies
- Contact customer support
- Update Browser and payment system
- Check documentation
Read: 🚩 How to Fix HTTP 402 “Payment Required” Error?
403 Forbidden
Error 403 refers to a “Forbidden” error, which occurs when a user attempts to access a web page or resource that they do not have permission to access.
Causes:
- Incorrect file Permissions
- Misconfigured Server Settings
- URL or directory structure
- Server and Firewall issue
- Server and Firewall issues
- Browser issues
- Accessing the wrong web location
Fix:
- Check Missing Core Files and Theme Files
- Check the .htaccess file configuration
- Check file and folder permissions
- Check Plugins
- Clear Browser Cache and Cookies
- Try to fix issues from your Chrome Browser
- Deactivate Browser Extensions
- Check Firewall Settings
Read: 🚩 How to Fix WordPress 403 Forbidden Error? [9 Quick Fixes] & How to Fix 403 Forbidden NGINX Error on Your Site?
404 Not Found
The 404 Not Found error is the standard response code of the web server, which occurs when the requested resource cannot be found on the server.
Causes:
- Invalid URL
- Problem with DNS settings
- Corrupt Browser Cache
- WordPress Compatibility Issues
- Server Issues
- Incorrect Redirect
Fixes:
- Reset Permalinks
- Disable themes and Plugins
- Restore .htaccess File
Read: 🚩 How to Fix 404 Not Found Error for WordPress Site & Android?
408 Request Timeout
It is also known as a ‘Request Timeout’ error. It occurs when the server is waiting for the request, but the client is not able to send a request within a certain time frame.
Causes:
- Network Issues
- Server Overload
- Firewall and Security Settings
Fixes:
- Check your network connectivity
- Check your Firewall and Security Settings
- Contact the website and Server Admin
- Try again Later
List of Other Uncommon 4XX Errors
This series of status codes signify that there is some error in the requested process at the user end and a new request is to be made after rectification of the request.
- 405 Method Not Allowed – The requested HTTP method is not allowed for the requested resource.
- 406 – This status code is returned when the requested resource is only capable of generating content not acceptable according to the Accept headers sent in the request.
- 409 – It indicates that there is a conflict in the request made.
- 410 Gone – The requested resource is no longer available on the server and there is no forwarding address.
- 411 – It means that the user agent needs to specify the content length along with the request in order to be processed by the server.
- 413 Payload Too Large – The server cannot process the request because the payload is too large.
- 414 – It indicates that the requested URI is too long for the server to process.
- 415 Unsupported Media Type – The server cannot process the request because the media type is unsupported.
- 429 Too Many Requests – The user has sent too many requests in a given amount of time, and the server is rate-limiting them.
- 444 – It is an Nginx HTTP server extension, known as the ‘No Response’ status code returned when the server returns no information and is used to curb malware.
- 451 – It refers to denial of access due to Legal Reasons, imposed by censorship or a government mandate.
- 499 – It indicates that the connection is being closed by the client while the server is processing the request, so the server cannot return the HTTP header back to the client.
Note: It’s worth noting that some websites may use additional custom 4xx errors, but these are the most common ones that you may encounter.
Impact of 4XX Errors on SEO
As we have already mentioned so many times, 4XX errors are client-side errors that occur when a user requests a webpage that the server cannot find or access.
These errors can have a negative effect on SEO (Search Engine Optimization) because they prevent search engines from accessing and indexing your website’s pages, resulting in decreased visibility and lower rankings in search engine results pages (SERPs).
Here are some of the ways in which 4XX errors can harm your website’s SEO:
- Decreased crawl ability: When search engine bots encounter 4XX errors while crawling your website, they may stop crawling or indexing your pages. This can lead to decreased crawl ability and indexability, resulting in lower rankings in SERPs.
- Broken links: If your website has broken links due to 4XX errors, it can harm the user experience, leading to a higher bounce rate and lower engagement metrics. This can negatively impact your website’s SEO as search engines prioritize user experience and engagement.
- Loss of link equity: If you have internal or external links pointing to pages that return 4XX errors, it can result in a loss of link equity. This means that the authority and value of those links are not being passed onto your website, resulting in lower rankings in SERPs.
- Negative user experience: 4XX errors can harm the user experience, leading to frustration and a higher likelihood of users leaving your website. This can result in decreased engagement metrics, such as time on site and pages per session, which can negatively impact your website’s SEO.
To avoid these negative effects on SEO, it’s essential to monitor and fix 4XX errors promptly. You can use tools like Google Search Console to identify and fix these errors, such as redirecting broken links, fixing incorrect URLs, or updating your sitemap. By addressing 4XX errors, you can improve your website’s crawl ability, user experience, and overall SEO performance.
How to Avoid 4xx Errors?
To avoid and fix 4xx errors, You can take several steps such as,
- Check and correct errors in URLs and links
- Verify user authentication and permissions
- Update server and website configurations as needed
- Use redirects or custom error pages
- Monitor website traffic on a regular basis to identify errors and address recurring issues.
Conclusion
Addressing 4xx errors is essential for improving not only the user experience but also for maintaining a positive SEO ranking. You definitely don’t want to mess with Google’s algorithm, which always seeks to deliver the best user experience and content possible.
Therefore, by understanding the causes and types of 4xx errors, you must take the necessary steps to avoid them happening in the future and create a more user-friendly and reliable website.
Apart from all of the above, if you have any tips or suggestions regarding the 4xx Error that we have missed in this post, or would like to share your experience about the same, do let us know in the comment section below.
Frequently Asked Questions
What are 4xx or 5xx errors?
4xx and 5xx errors are HTTP status codes that indicate the status of a client’s request to a server. 4xx errors indicate client-side errors while 5xx errors indicate server-side errors.
What does received a 4xx error mean on duolingo?
If you receive a 4xx error on Duolingo, it means that there is an issue with the client side of your request to the Duolingo server. This could be due to a variety of reasons, such as a mistyped URL, an incorrect login credential, or a connectivity problem.
What is an example of 4XX errors?
An example of a 4xx error is the “404 Not Found” error, which indicates that the requested resource or web page could not be found on the server. Other examples of 4xx errors include “401 Unauthorized”, “403 Forbidden”, and “400 Bad Request”. These errors are typically caused by client-side issues, such as incorrect authentication credentials, insufficient permissions, or mistyped URLs.