How to troubleshoot common HTTP error codes?
When you try to access a web server or a web application, every HTTPS request received by a server is answered with an HTTPS status code. The HTTP status codes are composed of 3 digits and grouped in 5 different classes. These status classes can be quickly identified thanks to the first digit as below:
- 1_ _: Informational
- 2_ _: Success
- 3_ _: Redirection
- 4_ _: Client Error
- 5_ _: Server Error
We will try to focus on finding and troubleshooting the most common HTTP error codes you can encounter.
In fact, there are many situations that can cause a web server to answer a request with a certain error code. We will go through the most common issues and how to solve them.
Client and Server Error
The client errors, or HTTP error status codes between 400 and 499, are the result of HTTP requests sent by a user client such as a web browser or other HTTP client. Even though these types of errors are client-related, it is often useful to know which error code a user is encountering to determine if the potential issue can be fixed by server configuration.
Now on the contrary, server errors, or HTTP status codes between 500 and 599, are returned by the web server itself when it is aware that an error has occurred or is not able to process the request.
HTTP Codes Troubleshooting Tips
- Test the web server: When using your web browser to test a web server, refresh the browser after making server changes.
- Check the server’s logs: by checking your server’s logs for more details about how the server is handling the requests.
For example, a web server such as Nginx or Apache give two files called “
access.log” and “
error.log". You can search there for relevant information.
- Check the error code: always keep in mind that depending on the HTTPS status code returned, you will know the exact kind of error is happening.
Now we will go through the most common encountered errors and how to fix them.
400 – Bad Request
The 400 status code, also called Bad Request error, means the HTTP request that was sent to the server has an invalid syntax.
For example, a 400 Bad Request error might occur when:
- The user’s cookie that is associated with the site is corrupt.
Clearing the browser’s cache and cookies should solve this issue.
- Malformed request due to a faulty browser.
- Malformed request due to human error when manually forming HTTP requests (e.g. using
401 – Unauthorized
The 401 status code, also called Unauthorized error, which means that the user trying to access the resource has not been authenticated or has not been authenticated correctly. This means that the user must provide valid credentials to be able to view the protected content and resource.
A 401 – Unauthorized error could happen when a user tries to access a resource that is protected by HTTP authentication. If that’s the case, the user will receive a 401 response code until they provide a valid username and password.
PLEASE NOTE: the authentication details needs to exist in the .
htpasswd file of the web server.
403 – Forbidden
The 403 status code, also called Forbidden error, means that the user made a valid request but the server is refusing to serve the access or the request.
This can be due to a lack of access permissions to the requested resource. If you are encountering a 403 error unexpectedly, there are a few common causes that we are explaining below.
1) File Permissions
The 403 errors usually occur when the user running the web server process does not have sufficient permissions to read the file that is being accessed.
Here’s an example of the 403 error:
- A user tries to access the web server’s index: http://example.com/index.html
- The web server process this file which is owned by the
- The server’s index file is found at
In this case, if the user gets a 403 – Forbidden error, you will need to ensure that the
www-data user has the correct permissions to read the requested file.
That simply means that you should set the other permissions “to read“. There are different ways to do so but you can do as follow:
sudo chmod o=r /usr/share/nginx/html/index.html
The second most common cause of 403 errors is the use of an
An htaccess file, which stands for “hypertext access” file, is a distributed server configuration file. The htaccess file allows you to set server configurations for a specific directory.
.htaccess file can also be used to deny access of certain resources to specific IP addresses or ranges.
In fact, if the user is unexpectedly getting a 403 – Forbidden error, you’ll need to make sure your
.htaccess settings are not the cause.
3) Index File Does Not Exist
Last but not least, when the user tries to access a directory that doesn’t include a default index file and when the directory listings are not enabled, this can cause a 403 error.
The web server will then return a 403 – Forbidden error. For example, if the user is trying to access
http://example.co.uk/mydir/, and if there is no index file in the
mydir directory on the server, a 403 status will be returned.
If you want directory listings to be enabled, you may do so in your web server configuration.
404 – Not Found
The 404 status code, also called Not Found error, means that the user can communicate with the server but the server can’t locate the file or resource requested.
404 errors can happen in a number of various situations. For example, when the user receives a 404 Not Found error, here are some questions we can ask ourselves:
- Is the link properly written? Has the URL any typographical error?
- Has the user typed in the correct URL?
- Is the file’s path correct? Does it point to the right location on the server?
- Has the resource been moved or deleted on the server?
- Does the server configuration specify the correct document root location?
- Does the user that owns the web server worker process have privileges in the directory where the requested file is, such as directories requiring read and execute permissions to be accessed.
- Has the resource being accessed with a symbolic link? You’ll need to make sure the web server is configured to follow symbolic links.
500 – Internal Server Error
The 500 status code, also called Internal Server error, means that server cannot process the request for an unknown reason.
The most common cause for a 500 error is a server misconfiguration. For example with a malformed
.htaccess file or missing packages like when you”re trying to execute a PHP file without PHP installed properly.
PLEASE NOTE: you might see this code even when more specific 5_ _ errors are more appropriate.
502 – Bad Gateway
The 502 status code, also called Bad Gateway error, means that the gateway or the proxy server is not receiving a valid response from the backend servers that should actually answer the request.
If your server is a reverse proxy server like a load balancer, here are a few things to check first:
- The backend servers, where the HTTP requests are being forwarded to, are “OK”.
- The reverse proxy is configured properly, with the proper backends specified.
- The network connection between the backend servers and reverse proxy server is healthy. If the servers can communicate on other ports, make sure that the firewall is allowing the traffic between them.
- If your web application is configured to listen on a socket, ensure that the socket exists in the correct location and that it has the proper permissions.
503 – Service Unavailable
The 503 status code, or also called Service Unavailable error, means that the server is overloaded or under maintenance. This usually implies that the service will become available again at some point, such as following maintenance of the website.
Now, if it’s not because of maintenance, this can mean the server CPU or memory resource is not enough to handle all the incoming requests.
504 – Gateway Timeout
Finally, the 504 status code, or also called Gateway Timeout error, simply means that the gateway or proxy server is not receiving a response from the backend servers within the allowed time period.
This usually happens when:
- The network connection between the servers is very slow or poor.
- The backend server that is fulfilling the request is too slow, due to poor performance.
- Or the gateway or proxy server’s timeout duration is too short.
We hope that this guide helps you get familiar with the most common HTTP error codes and their solutions. Now you should have a good basis for troubleshooting issues with your web sites, servers or applications.