logo
GeekFormat

HTTP Status Codes Lookup

High Frequency Status Codes

Search Results (77)

100
1xx
Continue
已收到请求头,客户端应继续发送请求体
101
1xx
Switching Protocols
服务器正按 Upgrade 切换协议(如 WebSocket)
102
1xx
Processing
已接受请求,处理尚未结束(WebDAV)
103
1xx
Early Hints
在最终响应前返回 Link 等提示以预加载资源
104
1xx
Upload Resumption Supported
表明支持可恢复上传(IANA 临时注册,详见 httpbis 可恢复上传草案)
200
2xx
OK
请求成功
201
2xx
Created
已创建资源
202
2xx
Accepted
已接受,尚未处理完成(异步任务常见)
203
2xx
Non-Authoritative Information
成功,表示可能来自代理/缓存
204
2xx
No Content
成功,无响应体
205
2xx
Reset Content
成功,客户端应重置文档或表单视图
206
2xx
Partial Content
成功返回部分内容(Range)
207
2xx
Multi-Status
多状态 XML响应(WebDAV)
208
2xx
Already Reported
DAV 绑定成员已在先前响应中列出(WebDAV)
226
2xx
IM Used
已应用实例操作(Delta 编码,RFC 3229)
300
3xx
Multiple Choices
多种表示可选,需选择或重定向
301
3xx
Moved Permanently
资源永久迁移至新 URI
302
3xx
Found
资源临时位于其他 URI
303
3xx
See Other
应使用 GET 访问另一 URI 获取结果
304
3xx
Not Modified
缓存仍有效
305
3xx
Use Proxy
须经由代理(已弃用,不建议实现)
306
3xx
(Unused)
历史占位,HTTP/1.1 起未使用
307
3xx
Temporary Redirect
临时重定向,方法与正文不变
308
3xx
Permanent Redirect
永久重定向,方法与正文不变
400
4xx
Bad Request
语法无效,无法解析
401
4xx
Unauthorized
需身份验证(常配合 WWW-Authenticate)
402
4xx
Payment Required
预留,极少实现
403
4xx
Forbidden
拒绝访问(与401 不同:未必缺凭证)
404
4xx
Not Found
未找到资源
405
4xx
Method Not Allowed
该 URI 不支持此 HTTP 方法
406
4xx
Not Acceptable
无法生成 Accept 可接受的表示
407
4xx
Proxy Authentication Required
需先通过代理认证
408
4xx
Request Timeout
等待请求超时
409
4xx
Conflict
与资源当前状态冲突
410
4xx
Gone
资源曾存在且已永久移除
411
4xx
Length Required
缺少有效 Content-Length 等
412
4xx
Precondition Failed
前置条件(如 If-*)不满足
413
4xx
Content Too Large
请求体过大(RFC 9110 用语)
414
4xx
URI Too Long
URI 过长
415
4xx
Unsupported Media Type
不支持的媒体类型
416
4xx
Range Not Satisfiable
无法满足 Range
417
4xx
Expectation Failed
无法满足 Expect 头
418
4xx
(Unused)
RFC 9110 标记未使用;典故为 RFC 2324「I'm a teapot」
421
4xx
Misdirected Request
请求未指向能响应的服务器/连接(如 HTTP/2)
422
4xx
Unprocessable Content
语义可理解但无法处理(校验失败等)
423
4xx
Locked
资源被锁定(WebDAV)
424
4xx
Failed Dependency
依赖请求失败(WebDAV)
425
4xx
Too Early
拒绝可能重放的过早请求
426
4xx
Upgrade Required
需升级到 Upgrade 指定的协议
428
4xx
Precondition Required
源站要求条件请求以防冲突
429
4xx
Too Many Requests
请求过于频繁,应限速
431
4xx
Request Header Fields Too Large
请求头整体或单项过大
444
vendor
No Response (nginx)
Nginx 直接关连接不返回状态行(常见于限流/屏蔽)
451
4xx
Unavailable For Legal Reasons
因法律原因不可提供
495
vendor
SSL Certificate Error (nginx)
Nginx:客户端证书校验失败
496
vendor
SSL Certificate Required (nginx)
Nginx:需要客户端证书
497
vendor
HTTP to HTTPS Port (nginx)
Nginx:向 HTTPS 端口发送明文 HTTP
499
vendor
Client Closed Request (nginx)
客户端在响应完成前关闭连接
500
5xx
Internal Server Error
服务器内部错误
501
5xx
Not Implemented
不支持该方法或能力
502
5xx
Bad Gateway
网关从上游收到无效响应
503
5xx
Service Unavailable
过载或维护,暂不可用
504
5xx
Gateway Timeout
网关等待上游超时
505
5xx
HTTP Version Not Supported
不支持请求中的 HTTP 版本
506
5xx
Variant Also Negotiates
透明协商配置错误
507
5xx
Insufficient Storage
存储空间不足(WebDAV)
508
5xx
Loop Detected
检测到循环(WebDAV)
510
5xx
Not Extended
需扩展(RFC 2774 实验状态,IANA 标为 OBSOLETED,可忽略)
511
5xx
Network Authentication Required
需在网络层认证(如强制门户)
520
vendor
Unknown Error (Cloudflare)
源站返回异常或空响应
521
vendor
Web Server Is Down (Cloudflare)
无法与源站建立 TCP
522
vendor
Connection Timed Out (Cloudflare)
与源站握手或连接超时
523
vendor
Origin Is Unreachable (Cloudflare)
无法路由到源站
524
vendor
A Timeout Occurred (Cloudflare)
源站已连接但未及时返回完整响应
525
vendor
SSL Handshake Failed (Cloudflare)
与源站 SSL 握手失败
526
vendor
Invalid SSL Certificate (Cloudflare)
源站证书无效
527
vendor
Railgun Error (Cloudflare)
Railgun 边缘到源监听错误(Cloudflare 专用)

Free HTTP status code reference tool with complete coverage of 1xx Informational/2xx Success/3xx Redirection/4xx Client Error/5xx Server Error categories plus vendor extensions. Supports category filtering and keyword search, essential for development and debugging.

Related

Use Cases

  • Web/API development debugging: Quickly look up status code meanings when APIs report errors to determine troubleshooting direction (frontend params or backend bug)
  • API integration troubleshooting: Distinguish 401 auth failure, 403 insufficient permissions, 404 wrong address, 500 server error
  • Operations troubleshooting: Quickly locate causes and solutions when encountering 502/503/504/522/524 errors
  • SEO work: Verify 301/302 redirect types are correct, check 404 error page handling is proper
  • HTTP protocol learning: Beginners systematically learn HTTP status code categories and each code's purpose
  • Interview prep: Frontend/backend interviews often test 301 vs 302, 401 vs 403, 502 vs 504 differences
  • Log analysis: Understand status code meanings when analyzing Nginx/Apache/CDN access logs

Features

  • Comprehensive coverage: Standard 1xx-5xx status codes + Cloudflare/Nginx vendor extensions (5xx vendor), all in one place
  • Quick-access cards: 12 most commonly used codes (200/301/302/304/400/401/403/404/429/500/502/503) — click cards to view details directly
  • Category filtering: One-click filtering by 1xx/2xx/3xx/4xx/5xx/vendor categories to quickly locate problem types
  • Keyword search: Supports fuzzy search by status code number, English name, or description to quickly locate target codes
  • Color coding: 2xx green (success), 3xx/4xx yellow (caution/client issues), 5xx red (server issues) for intuitive visual judgment
  • Desktop table/mobile cards: Full table view on desktop, responsive card view on mobile for great experience on all devices
  • One-click copy of filtered summary: Copy current filter conditions and result count for tickets/documentation

How to Use

  1. Simply type a status code number (e.g., 404) or keyword (e.g., redirect, forbidden, timeout) in the search box
  2. Or click category buttons (1xx/2xx/3xx/4xx/5xx/vendor) to browse by category
  3. Click quick-access status code cards to quickly filter for that code
  4. View the status code's name, category color, and detailed description
  5. Click the copy button to copy current filtered summary for troubleshooting records

FAQ

What are HTTP status codes and what are they used for?

HTTP status codes are three-digit numeric codes returned by servers in response to HTTP requests, indicating whether the request succeeded, failed, or needs further action. They fall into 5 categories: 1xx Informational, 2xx Success, 3xx Redirection, 4xx Client Error, 5xx Server Error. During development and debugging, status codes quickly point you in the right direction: 2xx success means no action needed; 4xx means check request parameters/authentication/permissions/rate limits; 5xx means check server logs.

What exactly is the difference between 301 and 302 redirects?

Core difference: 301 is a **permanent redirect** — browsers/search engines cache the new address and SEO authority transfers to the new URL; 302 is a **temporary redirect** — not cached and no authority transfer. There's also an important method change difference: historically 301/302 would change POST to GET (loose behavior), while 307/308 strictly preserve the original request method. Use 301 for HTTPS redirects, domain migrations, permanent URL changes; use 302 or 307 for temporary maintenance redirects and campaign pages.

What's the difference between 401 and 403?

401 Unauthorized means 'not authenticated' — the server doesn't know who you are, you need to log in/provide a Token first (usually accompanied by WWW-Authenticate header); 403 Forbidden means 'authenticated but no permission' — the server knows who you are, but you don't have access to this resource. In plain terms: 401 is 'you didn't bring your access card', 403 is 'you have an access card but you're not allowed in this room'.

What's the difference between 502, 503, and 504?

All are server errors but with different causes: 502 Bad Gateway means the reverse proxy received an **invalid response** from upstream (backend crash/protocol error); 503 Service Unavailable means the server is **temporarily unavailable** (overloaded/maintenance/service not running); 504 Gateway Timeout means the proxy server **timed out waiting for upstream** (backend processing too slow/database slow queries). When troubleshooting: for 502 check if backend processes are alive and error logs; for 503 check service status/rate limits/maintenance pages; for 504 check backend performance/slow queries/timeout configuration.

When should I use 200 OK vs 204 No Content?

200 OK is the standard success response and can return a response body (e.g., query results, created resource data); 204 No Content indicates success but **returns no response body**, commonly used for successful DELETE operations, PUT/POST updates where no data needs to be returned. A 204 response must not contain a body.

How to handle 429 rate limit status code?

429 Too Many Requests means the client has exceeded the server's request frequency limit. The response usually includes a Retry-After header telling how long to wait before retrying. Clients should implement Exponential Backoff: wait 1 second on first retry, 2 seconds on second, 4 seconds on third... Also check X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset headers to understand rate limit quotas.

What are vendor extension status codes, like Cloudflare's 520-527?

Standard HTTP status codes are only defined in the 100-599 range and mostly registered with IANA, but CDN/proxy server vendors define custom extensions: Cloudflare defines the 520-527 series for origin connection issues (521 origin refused, 522 connection timeout, 524 response timeout, etc.); Nginx defines 499 (client disconnected). These codes aren't standard HTTP codes but appear frequently in actual operations and troubleshooting, and this tool includes commonly used vendor extension codes.

What are HTTP Status Codes?

HTTP Status Codes are three-digit numeric codes returned by servers when responding to HTTP requests, indicating the result of processing — did it succeed or fail? If it failed, was it a client problem or a server problem? Is a redirect needed? This is one of the most fundamental and important diagnostic pieces of information in web development and operations.

Status codes are divided into 5 categories by their first digit: **1xx Informational** (request received, continuing process, less common in practice); **2xx Success** (request processed successfully, most common is 200 OK); **3xx Redirection** (further client action needed, such as 301 permanent redirect, 302 temporary redirect, 304 cache hit); **4xx Client Error** (problem with request, such as 400 bad parameters, 401 not logged in, 403 no permission, 404 not found, 429 rate limited); **5xx Server Error** (server failed to process, such as 500 internal error, 502 bad gateway, 503 unavailable, 504 timeout).

**Why distinguish between 4xx and 5xx?** This is the first priority judgment in troubleshooting: seeing 4xx you should first check your own request — is the URL correct, are parameters complete, did you include a Token, do you have sufficient permissions, are you making requests too frequently; seeing 5xx you need to look at server logs — are backend processes healthy, is the database connected, is configuration correct, is the server overloaded. Getting this direction wrong wastes significant debugging time.

**The differences between redirect status codes are a high-frequency exam topic**: 301 is permanent redirect (SEO authority transfer, browser cached), 302 is temporary redirect (no authority transfer), 307/308 strictly preserve request method (POST won't be changed to GET). In practice, use 301 for HTTPS redirects and domain migrations, 302 for temporary maintenance, 303 for redirecting after POST form submission (PRG pattern).

This tool **completely includes** all standard HTTP status codes (including easily confused ones like 303/307/308, 405/409/422/429 etc.) as well as commonly used vendor extensions from Cloudflare/Nginx (520-527, 499). It supports category filtering, keyword search, and quick-access cards — an essential everyday reference tool for development, API debugging, and operations troubleshooting.

术语表

HTTP
HyperText Transfer Protocol, the foundational protocol for World Wide Web data communication, based on TCP/IP, using a request-response model. Current mainstream versions are HTTP/1.1 and HTTP/2, with HTTP/3 based on QUIC.
Idempotence
Executing the same request multiple times has the same effect as executing it once. GET/HEAD/PUT/DELETE/OPTIONS/TRACE are idempotent; POST is not idempotent (multiple submissions create multiple resources). One important reason 307/308 preserve method is to maintain idempotence.
CORS (Cross-Origin Resource Sharing)
Cross-Origin Resource Sharing, a mechanism for cross-origin access under the browser's same-origin policy. CORS preflight requests (OPTIONS) may return 405 Method Not Allowed or CORS-related errors, one of the most common issues in frontend development.
PRG Pattern (Post/Redirect/Get)
Best practice for web form submission: After POSTing a form, return a 303 See Other redirect to the result page, preventing duplicate submissions when users refresh. This is the most typical use case for 303.
Retry-After
HTTP response header used with 503 Service Unavailable or 429 Too Many Requests to tell clients how many seconds to wait before retrying the request.
WWW-Authenticate
HTTP response header used with 401 Unauthorized to tell clients which authentication scheme to use (Basic/Bearer/Digest etc.) and the authentication realm.
ETag / If-None-Match
Cache validation mechanism. The server returns an ETag identifying the resource version; clients send the If-None-Match header on subsequent requests, and if the resource hasn't changed the server returns 304 Not Modified (no body, saving bandwidth).
Reverse Proxy
A proxy server (such as Nginx, Cloudflare, HAProxy) situated between clients and backend servers, receiving client requests and forwarding them to backends, then returning backend responses to clients. 502/503/504 errors all occur between the reverse proxy and backend.

Overview of Five HTTP Status Code Categories

ClassMeaningPurposeCommon Codes
1xxInformationalRequest received, continuing process (intermediate protocol state)100 Continue, 101 Switching Protocols
2xxSuccessRequest successfully received, understood, and accepted by server200 OK, 201 Created, 204 No Content, 206 Partial Content
3xxRedirectionFurther action needed by client to complete request301 Moved Permanently, 302 Found, 304 Not Modified, 307/308
4xxClient ErrorRequest has syntax error or cannot be fulfilled, client is at fault400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found, 429 Too Many Requests
5xxServer ErrorServer failed to fulfill an apparently valid request, server is at fault500 Internal Server Error, 502 Bad Gateway, 503 Service Unavailable, 504 Gateway Timeout

Comparison of Common Redirection Status Codes (301/302/303/307/308)

CodeNamePermanentMethod ChangeCacheableTypical Use Case
301Moved Permanently✅ PermanentPOST may change to GET (historical compat)✅ Cached by defaultSite redesign, domain migration, HTTP→HTTPS redirect, deprecated URLs
302Found❌ TemporaryPOST may change to GET (historical compat)❌ Not cached by defaultTemporary maintenance redirect, campaign pages, A/B testing (non-persistent)
303See Other❌ TemporaryPOST→GET (explicit change)❌ Not cached by defaultRedirect to result page after POST form submission (PRG pattern)
307Temporary Redirect❌ TemporaryStrictly preserves original method❌ Not cached by defaultTemporary redirect that strictly preserves request method and body
308Permanent Redirect✅ PermanentStrictly preserves original method✅ Cached by defaultPermanent redirect that strictly preserves POST from being changed to GET

Common Client Error Status Code Troubleshooting Reference

CodeMeaningCommon CausesTroubleshooting Direction
400Bad RequestRequest syntax error/missing parameters/JSON format error/headers too largeCheck request parameters, Content-Type, URL encoding
401UnauthorizedNot authenticated/Token expired/missing Authorization headerCheck login status, Token expiration, Bearer header format
403ForbiddenAuthenticated but no permission/IP blocked/CSRF Token invalid/WAF blockedCheck user permissions, IP whitelist, WAF rules, CSRF Token
404Not FoundURL doesn't exist/resource deleted/routing misconfigurationCheck URL spelling, routing configuration, whether resource was deleted
405Method Not AllowedWrong request method (e.g., using POST on GET-only endpoint)Check HTTP methods (GET/POST/PUT/DELETE etc.), CORS preflight
408Request TimeoutClient sending request too slow/network lag/server timeout too shortCheck network connection, increase timeout, upload in batches
409ConflictResource conflict (e.g., duplicate creation, version conflict, concurrent modification)Check for duplicate submissions, use optimistic locking/idempotency keys
413Payload Too LargeUpload file/request body exceeds server limitCheck nginx client_max_body_size, compress files, use chunked upload
422Unprocessable EntityRequest format correct but semantic error (e.g., field validation failure)RESTful API parameter validation, check required fields, data types, formats
429Too Many RequestsRate limit triggered/request frequency too highReduce request frequency, add retry backoff, apply for higher quota

Common Server Errors and Cloudflare Extension Codes

CodeMeaningCommon Causes
500Internal Server ErrorServer code exception/uncaught error/database connection failure/configuration error
501Not ImplementedServer doesn't support requested functionality (e.g., unsupported HTTP method)
502Bad GatewayReverse proxy (nginx/CDN) received invalid response from upstream/backend process crashed/PHP-FPM not running
503Service UnavailableServer overloaded/under maintenance/backend service not running/connection pool exhausted
504Gateway TimeoutReverse proxy timed out waiting for upstream response/backend processing too slow/database slow queries
520Web Server Returned Unknown Error (CF)Cloudflare: Origin returned unknown/abnormal response (protocol error/empty response/no status code)
521Web Server Is Down (CF)Cloudflare: Origin server refused connection (origin down/firewall blocking CF IPs)
522Connection Timed Out (CF)Cloudflare: Cannot establish TCP connection to origin (origin firewall/security groups/iptables)
523Origin Is Unreachable (CF)Cloudflare: Origin IP unreachable (origin server doesn't exist/routing issues)
524A Timeout Occurred (CF)Cloudflare: TCP connection succeeded but origin timed out returning HTTP response (>100s), common with slow queries/long tasks
499Client Closed Request (Nginx)Nginx extension code: Client closed connection before server responded (user cancelled/frontend timeout)

Authoritative References