Table of Contents

1. Relevance
   • Importance of HTTP status codes
   • Impact on clients, servers, search engines, and caching layers
   • API design considerations
   • Performance optimization
   • Reliability and monitoring
   • Security implications
   • SEO impact
2. HTTP Status Codes Table with Color Indicators
   • Legend
   • 🟦 1xx Informational
   • 🟩 2xx Success
   • 🟨 3xx Redirection
   • 🟥 4xx Client Errors
   • ⬛ 5xx Server Errors

Relevance

HTTP status codes are fundamental signals in the operation of web systems, directly determining the behavior of clients, servers, search engines, and caching layers. Their proper use can improve performance, reliability, and SEO while reducing infrastructure costs.

In API design, the correct choice of code can radically change the client's behavior. For example, redirecting POST with 302 Found can turn it into GET and break payment logic. Using 308 Permanent Redirect in such a situation will preserve the method and ensure transaction security.

Performance optimization is also impossible without statuses. 304 Not Modified allows the browser not to reload unchanged resources, reducing load time by 30–40% for heavy sites (example — GitHub Pages). And 206 Partial Content is used by Netflix to deliver only the required segments of a video rather than the entire file.

From the standpoint of reliability and monitoring, statuses determine the level of incident severity and the behavior of autoscaling. Misclassifying client errors (4xx) as server errors (5xx) can cause unnecessary scaling and cost growth without addressing the root cause.

Statuses are also security tools. A clear separation between 401 Unauthorized and 403 Forbidden helps prevent information leaks about the existence of resources (OWASP recommendation). Codes 407 Proxy Authentication Required and 511 Network Authentication Required are used for forced network authentication.

Finally, SEO directly depends on the correct choice of codes. 301 Moved Permanently transfers link equity to the new URL, while 302 Found informs the search engine of a temporary move. The 410 Gone code speeds up page deindexing, which is important when removing prohibited content.

Thus, proper use of HTTP codes is a tool with minimal cost and maximum effect: it improves observability, enhances UX, boosts SEO, and optimizes performance.

HTTP Status Codes Table with Color Indicators

Legend: 🟦 1xx Informational, 🟩 2xx Success, 🟨 3xx Redirection, 🟥 4xx Client Errors, ⬛ 5xx Server Errors

Color	Code	Meaning	Example in Production
🟦	100 Continue	Server confirmed headers; body can be sent.	Large PUT with Expect: 100-continue to S3 to avoid sending a rejected payload.
🟦	101 Switching Protocols	Server agreed to switch protocol.	Upgrade from HTTP/1.1 to WebSocket for realtime chat.
🟦	102 Processing	Request accepted; processing not completed (WebDAV).	Long multi-file operation without client timeout.
🟦	103 Early Hints	Preload hints before final response.	Link: rel=preload for CSS/JS, speeding up LCP.
🟩	200 OK	Success with response body.	GET /users/1 returns a JSON document.
🟩	201 Created	Resource created; Location with URI required.	POST /orders → Location: /orders/12345.
🟩	202 Accepted	Accepted for asynchronous processing.	Video encoding job added to a queue.
🟩	204 No Content	Success without body.	DELETE /files/42 confirms deletion.
🟩	206 Partial Content	Partial response via Range.	Byte ranges for MP4 streaming.
🟩	207 Multi-Status	Multiple statuses (WebDAV).	Batch operations: some succeed, some fail.
🟩	208 Already Reported	Resource info already returned.	Avoid repeating data in WebDAV multi-status.
🟩	226 IM Used	Delta encoding applied.	Sync endpoint returns only changes.
🟨	300 Multiple Choices	Multiple representations available.	Language or format selection page.
🟨	301 Moved Permanently	Permanent move; updates SEO signals.	Migration from http:// to https:// with consolidation.
🟨	302 Found	Temporary redirect; canonical URL unchanged.	A/B landing page campaign.
🟨	303 See Other	After POST, redirect to a GET resource.	POST /checkout → GET /orders/123/status.
🟨	304 Not Modified	Client cache is valid; no body.	ETag/If-None-Match cache hit.
🟨	307 Temporary Redirect	Temporary; method preserved.	Rerouting POST traffic to a backup region during maintenance.
🟨	308 Permanent Redirect	Permanent; method preserved.	Enforcing HTTPS or new host without method change.
🟥	400 Bad Request	Invalid syntax or validation.	Corrupted JSON or schema violation.
🟥	401 Unauthorized	Missing or expired authentication.	Expired JWT for a protected resource.
🟥	402 Payment Required	Monetized access.	Paid API tier blocking free request.
🟥	403 Forbidden	Authenticated but insufficient rights.	Non-admin trying to access /admin/users.
🟥	404 Not Found	Resource not found.	Unknown slug /posts/does-not-exist.
🟥	405 Method Not Allowed	Method not supported.	PUT on a GET-only endpoint.
🟥	406 Not Acceptable	No representation matching Accept.	Client requests only image/avif.
🟥	407 Proxy Authentication Required	Proxy requires login.	Corporate proxy blocking outbound traffic.
🟥	408 Request Timeout	Client took too long to send request.	API gateway closes idle upload after 30 seconds.
🟥	409 Conflict	Resource state conflict.	ETag mismatch in optimistic locking.
🟥	410 Gone	Resource intentionally removed; do not restore.	Deleted article for deindexing.
🟥	411 Length Required	Content-Length required.	Legacy upstream accepts only fixed length.
🟥	412 Precondition Failed	If-* precondition violated.	Update rejected due to outdated ETag.
🟥	413 Payload Too Large	Body exceeds limit.	200 MB upload when limit is 50 MB.
🟥	414 URI Too Long	URI too long.	Huge query string from client app.
🟥	415 Unsupported Media Type	Unsupported Content-Type.	text/plain sent to JSON API.
🟥	416 Range Not Satisfiable	Invalid byte range.	Range start beyond file size.
🟥	417 Expectation Failed	Expect header requirement not met.	Server does not implement expected behavior.
🟥	418 I’m a teapot	Test status RFC 2324.	Staging health check returns 418.
🟥	421 Misdirected Request	Request sent to wrong origin.	SNI error in multi-tenant CDN.
🟥	422 Unprocessable Content	Semantically invalid body.	Syntax ok but business rules violated.
🟥	423 Locked	Resource locked (WebDAV).	File “checked-out” by another user.
🟥	424 Failed Dependency	Failed due to dependent operation (WebDAV).	Parent failure breaks child PROPPATCH.
🟥	425 Too Early	Too early to process; risk of replay.	Mitigating 0-RTT in HTTP/2.
🟥	426 Upgrade Required	Different protocol required.	Enforcing HTTP/2 or HTTP/3.
🟥	428 Precondition Required	Preconditions required.	Write requires If-Match for concurrency.
🟥	429 Too Many Requests	Rate limit exceeded.	Throttling 100 requests per minute per token.
🟥	431 Request Header Fields Too Large	Headers too large.	Cookies exceed proxy limit.
🟥	451 Unavailable For Legal Reasons	Blocked by law.	Court order or geoblock.
⬛	500 Internal Server Error	General server error.	Unhandled exception with incident ID.
⬛	501 Not Implemented	Method not implemented.	API does not support PATCH.
⬛	502 Bad Gateway	Invalid upstream response.	Nginx gets 5xx from backend or TLS failure.
⬛	503 Service Unavailable	Overload or maintenance.	Autoscaling; queue limits traffic.
⬛	504 Gateway Timeout	Upstream timeout.	Gateway waits 60 seconds for DB or service response.
⬛	505 HTTP Version Not Supported	HTTP version unsupported.	Client sends HTTP/0.9 to HTTP/1.1 server.
⬛	506 Variant Also Negotiates	Content negotiation error.	Loop due to incorrect Alternates.
⬛	507 Insufficient Storage	Insufficient storage (WebDAV).	Filesystem quota exceeded on WebDAV share.
⬛	508 Loop Detected	Infinite loop detected (WebDAV).	Cyclic collection binding.
⬛	510 Not Extended	Extensions required.	Operation requires proprietary extension.
⬛	511 Network Authentication Required	Login to network required.	Captive portal blocks HTTP until authentication.