HTTP Status Codes: Complete List with Fixes (2026)

Look up any HTTP status code with explanations and common fixes.

?

Type a status code like 404 or a keyword like timeout

Common Status Codes

Category Overview

Range Category
1xx Informational
2xx Success
3xx Redirection
4xx Client Error
5xx Server Error

How to Use This Tool

1
Enter a code
Type any HTTP status code or keyword
2
Get instant details
See description and fix in one card
3
Copy & share
One-click copy for docs or Slack
The 2xx/4xx/5xx Rule
Monitor for 2xx (healthy), alert on 4xx (client issues), page on 5xx (server down). A spike in 4xx often means a bad deploy broke client contracts. A spike in 5xx means your service itself is failing.

The Essentials

2xx = Success
Your endpoints should return these
3xx = Redirect
Usually expected, watch for chains
4xx = Client Error
Bad request, auth issues, not found
5xx = Server Error
Your server has a problem
429 = Rate Limited
Back off and retry with delay
503 vs 502
Service down vs bad gateway upstream

Frequently Asked Questions

HTTP Status Codes: The Five Categories

Every HTTP response carries a 3-digit status code grouped into 5 families. The first digit tells you the response category at a glance:

  • 1xx — Informational: Request received, continuing. Rarely seen outside of 100 Continue and 101 Switching Protocols (WebSocket upgrade).
  • 2xx — Success: The request worked. 200 OK is the default, 201 Created for POSTs that created resources, 204 No Content for DELETEs.
  • 3xx — Redirection: The client must take additional action. 301 permanent move, 302 temporary, 304 Not Modified for caching.
  • 4xx — Client Error: Something is wrong with the request. 400 bad syntax, 401 unauthorized, 403 forbidden, 404 not found, 429 rate-limited.
  • 5xx — Server Error: The server failed. 500 generic, 502 bad gateway (upstream broken), 503 service unavailable, 504 gateway timeout.

The Codes You Actually Need to Memorize

90% of debugging boils down to recognizing these 8:

  • 200 — Success
  • 301 — Permanent redirect (SEO-friendly, like blog.projecthelena.com → projecthelena.com)
  • 401 — Missing or invalid auth
  • 403 — Authenticated but not authorized
  • 404 — Resource doesn't exist
  • 429 — Rate-limited (read Retry-After header)
  • 500 — Server-side bug (check your logs)
  • 502 — Upstream service broken (proxy/load balancer can't reach backend)

401 vs 403: The Most Common Confusion

401 Unauthorized means "I don't know who you are" — fix by providing valid credentials (API key, session, JWT). 403 Forbidden means "I know who you are, you can't do this" — fix by adjusting permissions or roles. The names are misleading. Memorize the distinction once and you'll save yourself a lot of debugging time.

Monitoring HTTP Status Codes

For production services, monitor your 4xx and 5xx rates over time. A spike in 429s often precedes an outage. A creep in 500s usually means a slow memory leak or DB connection pool exhaustion. Use the Uptime Checker for a quick spot-check, and the Error Budget Calculator to translate failure rates into SLO burn.

Related Tools

Uptime SLA Calculator

Calculate downtime for any SLA percentage

Cron Expression Generator

Build and validate cron expressions

Latency Percentile Calculator

Calculate P50, P90, P95, P99

Monitoring HTTP responses?

Warden alerts you instantly when your endpoints return error status codes.

Join the waitlist →