HTTP Error Codes: What They Mean and How to Fix Them Updated on December 31, 2025 by Carrie Smaha 14 Minutes, 8 Seconds to Read HTTP status codes tell your browser what happened when it requested a page from a server. Codes in the 200 range mean success. Codes in the 400 and 500 ranges mean something went wrong. This guide covers the most common HTTP error codes, explains why each one occurs, and walks through troubleshooting steps you can take to resolve them. 400 – Client HTTP Error Codes 400 Bad Request 401 Unauthorized 402 Payment Required 403 Forbidden 404 Not Found 405 Method Not Allowed 406 Not Acceptable 407 Proxy Authentication Required 408 Request Timeout 409 Conflict 410 Gone 411 Length Required 412 Precondition Failed 413 Request Entity Too Large 414 Request-URI Too Long 415 Unsupported Media Type 416 Requested Range Not Sustainable 417 Expectation Failed 500 – Server Error 500 Internal Server Error 501 Not Implemented 502 Bad Gateway 503 Service Unavailable 504 Gateway Timeout 505 HTTP Version Not Supported Understanding HTTP Status Code Categories HTTP status codes are three-digit numbers grouped into five classes: 1xx (Informational): The request was received and processing continues. 2xx (Success): The request was successfully received and processed. 3xx (Redirection): Further action is needed to complete the request. 4xx (Client Error): The request contains an error on the client side. 5xx (Server Error): The server failed to fulfill a valid request. When troubleshooting website issues, you will primarily encounter 4xx and 5xx errors. 400 – Client HTTP Error Codes The 400 error class is reserved for situations in which the “client” has erred in their request or otherwise make a bad request. “User agents,” like your web browser, for example, are urged to provide you with these error codes to assist you in troubleshooting. All of the major browsers, thankfully, comply with this recommendation. 400 Bad Request What it is: The server cannot process the request because the client sent malformed syntax or invalid data. Why it happens: The URL contains invalid characters or incorrect formatting Request headers are too large or improperly formatted Corrupted cookies are being sent with the request The request body contains data the server cannot parse How to troubleshoot: Check the URL for typos, special characters, or encoding issues. Clear your browser cache and cookies, then retry the request. If you’re developing an API, validate that your request body matches the expected format (JSON, XML, form data). Review server logs to identify which part of the request triggered the error. Test the same request in a different browser or using a tool like cURL to isolate the issue. 401 Unauthorized What it is: The request requires user authentication, but valid credentials were not provided. Why it happens: No authentication credentials were included in the request The provided username or password is incorrect An access token has expired or is invalid HTTP Basic or Bearer authentication is required but missing How to troubleshoot: Verify you are using the correct username and password. Check whether your session has expired and log in again. If using API tokens, confirm the token is valid and has not expired. Ensure your Authorization header is formatted correctly. According to MDN Web Docs, a 401 response includes a WWW-Authenticate header that specifies the required authentication scheme. Contact the site administrator if you believe your account should have access. 402 Payment Required The HTTP 402 Payment Required client error response status code is a nonstandard response status code reserved for future use. This status code was created to enable digital cash or (micro) payment systems and would indicate that requested content is not available until the client makes a payment. No standard use convention exists and different systems use it in different contexts. 403 Forbidden What it is: The server understood the request but refuses to authorize it. Unlike 401, providing credentials will not help. Why it happens: File or directory permissions prevent access The .htaccess file contains rules blocking the request ModSecurity or another firewall flagged the request as potentially malicious IP-based restrictions are blocking your location The resource is restricted to specific user roles How to troubleshoot: Check file permissions on your server. Files should typically be set to 644 and directories to 755. Review your .htaccess file for Deny from rules or other access restrictions. Examine ModSecurity logs in cPanel under Security > ModSecurity to see if a rule triggered the block. Verify directory indexing settings if you’re trying to access a folder without an index file. Contact your hosting provider if the error persists, as there may be server-level restrictions. Continue Reading: Correcting a 403 Forbidden Error 404 Not Found What it is: The server cannot find the requested resource. The connection succeeded, but the specific page, file, or asset does not exist at that URL. Why it happens: The page was deleted or moved without a redirect The URL contains a typo A link on the site points to an incorrect or outdated path Permalink settings in WordPress are misconfigured The .htaccess file is missing or corrupted How to troubleshoot: Double-check the URL spelling and capitalization. URLs are case-sensitive on most servers. Use Google Search Console to identify broken links pointing to your site. If running WordPress, go to Settings > Permalinks and click Save Changes to regenerate your .htaccess file. Set up 301 redirects for pages that have moved to new URLs. Create a custom 404 page that helps visitors navigate to working content. A high volume of 404 errors can indicate that bots are probing random URLs on your site. Excessive 404 errors can increase server resource usage and should be monitored in AWStats. 405 Method Not Allowed What it is: The server recognizes the HTTP method (GET, POST, PUT, DELETE, etc.) but the target resource does not support that method. Why it happens: Submitting a POST request to a URL that only accepts GET The web server is not configured to allow certain HTTP methods API endpoints are restricted to specific request types Form submissions are directed to static HTML files How to troubleshoot: Check the response headers for an Allow header that lists supported methods. According to MDN Web Docs, servers must include this header in 405 responses. Verify your form’s action attribute points to a script or endpoint that processes POST data. Review server configuration (Apache, NGINX) to ensure the required methods are enabled. For APIs, consult the documentation to confirm which methods each endpoint supports. 406 Not Acceptable What it is: The server cannot produce a response matching the criteria specified in the request’s Accept headers. Why it happens: The client’s Accept header requests a content type the server cannot provide ModSecurity rules flagged certain content as suspicious Content negotiation between client and server failed How to troubleshoot: Check your request’s Accept header to ensure it includes content types the server can provide (such as text/html or application/json). If using a shared hosting environment, review ModSecurity settings in cPanel. Some rules can trigger false positives on legitimate content. Test with a generic Accept header like */* to determine if specific content type requests are causing the issue. Review server logs for details about which content negotiation criteria failed. Continue Reading: How to Fix and Prevent 406 Not Acceptable Errors 407 Proxy Authentication Required If you see this error, you must check to make sure if and how authentication is required. This may require a coding solution or contact to the IT department to see if the client requires certain authentication. 408 Request Timeout What it is: The server closed the connection because the client took too long to send the complete request. Why it happens: Slow or unstable internet connection on the client side The request payload is large and the upload speed cannot meet server timeout limits Network congestion or latency issues Server timeout settings are too aggressive How to troubleshoot: Refresh the page and try again. Many 408 errors are temporary. Check your internet connection stability. If uploading large files, try compressing them or splitting them into smaller chunks. Server administrators can adjust the Timeout directive in Apache or equivalent settings in NGINX. 409 Conflict This error indicates a conflict with the request and the resource, but it is a conflict that can be resolved. In most cases, your browser will provide more information for troubleshooting. 410 Gone What it is: The requested resource has been permanently removed from the server with no forwarding address. Why it happens: Content was intentionally deleted and will not return The server owner wants search engines to remove the URL from their index Time-limited content (promotions, events) has been taken down How to troubleshoot: This error is typically intentional. If you see a 410 error unexpectedly: Confirm the resource was meant to be removed. Check for accidental deletions or configuration changes. If the content still exists elsewhere, set up a 301 redirect instead. From an SEO perspective, 410 tells search engines to deindex the URL more aggressively than a 404. 411 Length Required In this instance, the server requires a request of a predefined length. A header consisting of the proper content length will be accepted. 412 Precondition Failed A true/false pre-condition for the request failed. In many instances, a certain test may be passed in the request, and if the test should fail the request in canceled. 413 Request Entity Too Large As the error indicates in the title, the resource entity passed to the server was too large. 414 Request-URI Too Long The 414 error can trigger when a request made to a server with a Request-URI that is too long for the server to accept. This rare error is often associated with possible security risks, such as a PUT request “improperly converted” into a GET request. 415 Unsupported Media Type What it is: The server refuses the request because the payload format is not supported. Why it happens: Uploading a file type the server does not accept Sending data with an incorrect Content-Type header The API expects JSON but receives XML (or vice versa) How to troubleshoot: Convert the file to a supported format before uploading. Verify the Content-Type header matches the data you’re sending. Check server configuration or application documentation for supported media types. 416 Requested Range Not Sustainable What it is: The client requested a specific range of bytes from a resource, but that range cannot be satisfied. Why it happens: The Range header requests bytes beyond the file’s actual size A download was interrupted and the resume request is invalid Video or audio streaming seeks to a position that doesn’t exist How to troubleshoot: Clear browser cache and retry the download from the beginning. Verify the file exists and has the expected size on the server. Remove or correct the Range header in your request. 417 Expectation Failed What it is: The server cannot meet the requirements specified in the request’s Expect header. Why it happens: The client sent an Expect: 100-continue header, but the server does not support it Proxy servers between the client and origin server rejected the expectation How to troubleshoot: Remove the Expect header from your request and resend. Clear browser cache and cookies. If using proxies, check their configuration for expectation handling. 500 – Server Error The following status codes have earned a bad reputation for their stubborn consistency in calling out server errors. If you see one of these errors, you know something is wrong, but it can be difficult to know exactly what happened. 500 Internal Server Error What it is: A generic error indicating the server encountered an unexpected condition that prevented it from completing the request. Why it happens: PHP syntax errors or uncaught exceptions Incorrect file permissions (especially on .htaccess) Corrupted .htaccess file PHP version incompatibility with installed scripts or plugins Exhausted memory limits or execution time limits Database connection failures How to troubleshoot: Check your server’s error logs. In cPanel, go to Metrics > Errors to see recent PHP errors. Rename your .htaccess file to .htaccess_backup and see if the error clears. If it does, the issue is in your .htaccess configuration. Verify file permissions. Files should be 644 and directories 755. For WordPress sites, deactivate all plugins via SFTP (rename the plugins folder) to test for plugin conflicts. Confirm your PHP version is compatible with your CMS and plugins. InMotion Hosting customers can change PHP versions in cPanel under Software > MultiPHP Manager. Increase PHP memory limits if scripts are running out of resources. In our Laravel troubleshooting guide, enabling debug mode (setting APP_DEBUG=true in .env) can reveal specific error messages for development environments. Continue Reading: Troubleshooting the 500 Error 501 Not Implemented What it is: The server does not support the functionality required to fulfill the request. The HTTP method used is not recognized or implemented. Why it happens: The server does not support the HTTP method in the request (such as PATCH or OPTIONS) A required server module is not installed or enabled How to troubleshoot: Check if the HTTP method you’re using is supported by your server software. Review server documentation to enable additional HTTP methods if needed. Use an alternative method that the server supports. 502 Bad Gateway What it is: The server, acting as a gateway or proxy, received an invalid response from an upstream server. Why it happens: The origin server is down or unresponsive Communication between NGINX and Apache (or PHP-FPM) failed Firewall rules are blocking communication between servers SSL/TLS certificate mismatches between proxy and origin The upstream server crashed or restarted How to troubleshoot: Refresh the page after a few moments. Many 502 errors are temporary. Check if other sites on the same server are affected. If so, the issue is server-wide. Review server status pages from your hosting provider. Verify upstream server health and restart services if necessary (Apache, PHP-FPM, NGINX). Check firewall and security group settings to ensure servers can communicate. Examine proxy configuration for timeout settings and backend server definitions. According to MDN Web Docs, if the origin server returns a valid HTTP error, that error should be passed to the client instead of a generic 502. Continue Reading: How to Fix the 502 Bad Gateway Error 503 Service Unavailable What it is: The server is temporarily unable to handle the request due to maintenance or overload. Why it happens: Planned maintenance mode is enabled The server is overloaded with too many requests A backend service (database, cache) is unavailable Resource limits have been reached How to troubleshoot: Wait a few minutes and try again. This error often resolves on its own. If you’re the site owner, check if maintenance mode is accidentally enabled. Monitor server resource usage (CPU, RAM, disk) for overload conditions. Review traffic patterns for sudden spikes that might overwhelm the server. Contact your hosting provider if the issue persists. Search engines treat 503 errors as temporary and will retry later, making this the appropriate code for planned downtime. 504 Gateway Timeout What it is: The server, acting as a gateway or proxy, did not receive a timely response from the upstream server. Why it happens: Long-running scripts exceed timeout limits Database queries take too long to execute Network latency between proxy and origin servers PHP-FPM or Apache processes are overwhelmed Large file uploads exceed the allowed time How to troubleshoot: Refresh the page. Some 504 errors are momentary. Check server load and resource usage. As discussed in our WordPress Stack guide, NGINX waits up to 60 seconds for PHP or Apache to respond before triggering a 504. Test with a simple PHP script (like phpinfo.php) to isolate whether PHP-FPM and Apache are functioning. Optimize slow database queries or add caching. For large imports or batch operations, break them into smaller chunks or use command-line tools like WP-CLI. Increase timeout values in server configuration if long-running processes are expected. Continue Reading: How to Fix the 504 Gateway Timeout Error 505 HTTP Version Not Supported What it is: The server does not support the HTTP protocol version used in the request. Why it happens: The client is using an outdated or experimental HTTP version Server configuration explicitly disables certain protocol versions Misconfigured proxies are altering the protocol version How to troubleshoot: Update your browser to the latest version. Check server configuration to ensure common HTTP versions (1.1, 2, 3) are supported. Review proxy or CDN settings for protocol version handling. Monitoring and Preventing HTTP Errors Proactive monitoring helps you catch errors before they impact visitors or SEO rankings. Use Server Logs: Review Apache or NGINX access and error logs regularly. In cPanel, AWStats provides a breakdown of HTTP status codes by frequency. Set Up Uptime Monitoring: Tools like UptimeRobot or Pingdom can alert you when your site returns 5xx errors. Check Google Search Console: The Coverage report shows which URLs returned errors during Googlebot’s crawls. Create Custom Error Pages: A branded 404 page with navigation links keeps visitors on your site even when they encounter missing content. InMotion Hosting customers can create custom error pages in cPanel. Implement Redirects: When you move or delete content, set up 301 redirects to prevent 404 errors and preserve SEO value. When to Contact Support Some HTTP errors require server-level access to resolve. Contact your hosting provider when: 500 errors persist after checking file permissions, .htaccess, and error logs 502 or 504 errors occur consistently across the entire server You suspect firewall rules or ModSecurity are blocking legitimate traffic Server processes (Apache, PHP-FPM, MySQL) need to be restarted Resource limits need adjustment InMotion Hosting provides 24/7 expert human support from technicians who can investigate server-side issues and help restore your site. Share this Article Carrie Smaha Senior Manager Marketing Operations Carrie Smaha is a Senior Marketing Operations leader with over 20 years of experience in digital strategy, web development, and IT project management. She specializes in go-to-market programs and SaaS solutions for WordPress and VPS Hosting, working closely with technical teams and customers to deliver high-performance, scalable platforms. At InMotion Hosting, she drives product marketing initiatives that blend strategic insight with technical depth. More Articles by Carrie Related Articles MySQL Error 1064: You Have an Error in Your SQL Syntax MySQL Error 1044 Access Denied Troubleshooting: Fixing the “localhost Refused to Connect” Error HTTP Error Codes: What They Mean and How to Fix Them How to Fix the 504 Gateway Timeout Error 500 Internal Server Error How to Fix the Insecure SSL Error due to SHA-1 Deprecation How to Fix the “550 No Such User Here” Email Error Email Error – Mailbox Quota Exceeded Resolving DNS_PROBE_FINISHED_NXDOMAIN Errors
