Search
Menu

 

HTTP status code in IIS 7 and later versions

HTTP status code in IIS 7 and later versions

The HTTP status codes

This section describes the HTTP status codes that IIS 7.0 and later versions use.

Note This article does not list every possible HTTP status code as dictated in the HTTP specification. This article includes only the HTTP status codes that IIS 7.0 and later versions can send. For example, a custom Internet Server API (ISAPI) filter or a custom HTTP module can set its own HTTP status code.

1xx – Informational

These HTTP status codes indicate a provisional response. The client computer receives one or more 1xx responses before the client computer receives a regular response.

IIS 7.0 and later versions use the following informational HTTP status codes:

  • 100 – Continue.
  • 101 – Switching protocols.

2xx – Success

These HTTP status codes indicate that the server successfully accepted the request.

IIS 7.0 and later versions use the following success HTTP status codes:

  • 200 – OK. The client request has succeeded.
  • 201 – Created.
  • 202 – Accepted.
  • 203 – Nonauthoritative information.
  • 204 – No content.
  • 205 – Reset content.
  • 206 – Partial content.

3xx – Redirection

These HTTP status codes indicate that the client browser must take more action to fulfill the request. For example, the client browser may have to request a different page on the server. Or, the client browser may have to repeat the request by using a proxy server.

IIS 7.0 and later versions use the following redirection HTTP status codes:

  • 301 – Moved permanently.
  • 302 – Object moved.
  • 304 – Not modified.
  • 307 – Temporary redirect.

4xx – Client error

These HTTP status codes indicate that an error occurred and that the client browser appears to be at fault. For example, the client browser may have requested a page that does not exist. Or, the client browser may not have provided valid authentication information.

IIS 7.0 and later versions use the following client error HTTP status codes:

  • 400 – Bad request. The request could not be understood by the server due to malformed syntax. The client should not repeat the request without modifications.IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 400 error:
    • 400.1 – Invalid Destination Header.
    • 400.2 – Invalid Depth Header.
    • 400.3 – Invalid If Header.
    • 400.4 – Invalid Overwrite Header.
    • 400.5 – Invalid Translate Header.
    • 400.6 – Invalid Request Body.
    • 400.7 – Invalid Content Length.
    • 400.8 – Invalid Timeout.
  • 401 – Access denied.
    IIS 7.0 and later versions define several HTTP status codes that indicate a more specific cause of a 401 error. The following specific HTTP status codes are displayed in the client browser but are not displayed in the IIS log:

    • 401.1 – Logon failed.
    • 401.2 – Logon failed due to server configuration.
    • 401.3 – Unauthorized due to ACL on resource.
    • 401.4 – Authorization failed by filter.
    • 401.5 – Authorization failed by ISAPI/CGI application.
    • 401.501 – Access Denied: Too many requests from the same client IP; Dynamic IP Restriction Concurrent request rate limit reached.
    • 401.502 – Forbidden: Too many requests from the same client IP; Dynamic IP Restriction Maximum request rate limit reached.
    • 401.503 – Access Denied: the IP address is included in the Deny list of IP Restriction
    • 401.504 – Access Denied: the host name is included in the Deny list of IP Restriction
  • 403 – Forbidden.
    IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 403 error:

    • 403.1 – Execute access forbidden.
    • 403.2 – Read access forbidden.
    • 403.3 – Write access forbidden.
    • 403.4 – SSL required.
    • 403.5 – SSL 128 required.
    • 403.6 – IP address rejected.
    • 403.7 – Client certificate required.
    • 403.8 – Site access denied.
    • 403.9 – Forbidden: Too many clients are trying to connect to the web server.
    • 403.10 – Forbidden: web server is configured to deny Execute access.
    • 403.11 – Forbidden: Password has been changed.
    • 403.12 – Mapper denied access.
    • 403.13 – Client certificate revoked.
    • 403.14 – Directory listing denied.
    • 403.15 – Forbidden: Client access licenses have exceeded limits on the web server.
    • 403.16 – Client certificate is untrusted or invalid.
    • 403.17 – Client certificate has expired or is not yet valid.
    • 403.18 – Cannot execute requested URL in the current application pool.
    • 403.19 – Cannot execute CGI applications for the client in this application pool.
    • 403.20 – Forbidden: Passport logon failed.
    • 403.21 – Forbidden: Source access denied.
    • 403.22 – Forbidden: Infinite depth is denied.
    • 403.501 – Forbidden: Too many requests from the same client IP; Dynamic IP Restriction Concurrent request rate limit reached.
    • 403.502 – Forbidden: Too many requests from the same client IP; Dynamic IP Restriction Maximum request rate limit reached.
    • 403.503 – Forbidden: the IP address is included in the Deny list of IP Restriction
    • 403.504 – Forbidden: the host name is included in the Deny list of IP Restriction
  • 404 – Not found.
    IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 404 error:

    • 404.0 – Not found.
    • 404.1 – Site Not Found.
    • 404.2 – ISAPI or CGI restriction.
    • 404.3 – MIME type restriction.
    • 404.4 – No handler configured.
    • 404.5 – Denied by request filtering configuration.
    • 404.6 – Verb denied.
    • 404.7 – File extension denied.
    • 404.8 – Hidden namespace.
    • 404.9 – File attribute hidden.
    • 404.10 – Request header too long.
    • 404.11 – Request contains double escape sequence.
    • 404.12 – Request contains high-bit characters.
    • 404.13 – Content length too large.
    • 404.14 – Request URL too long.
    • 404.15 – Query string too long.
    • 404.16 – DAV request sent to the static file handler.
    • 404.17 – Dynamic content mapped to the static file handler via a wildcard MIME mapping.
    • 404.18 – Querystring sequence denied.
    • 404.19 – Denied by filtering rule.
    • 404.20 – Too Many URL Segments
    • 404.501 – Not Found: Too many requests from the same client IP; Dynamic IP Restriction Concurrent request rate limit reached.
    • 404.502 – Not Found: Too many requests from the same client IP; Dynamic IP Restriction Maximum request rate limit reached.
    • 404.503 – Not Found: the IP address is included in the Deny list of IP Restriction
    • 404.504 – Not Found: the host name is included in the Deny list of IP Restriction
  • 405 – Method Not Allowed.
  • 406 – Client browser does not accept the MIME type of the requested page.
  • 408 – Request timed out.
  • 412 – Precondition failed.

5xx – Server error

These HTTP status codes indicate that the server cannot complete the request because the server encounters an error.
IIS and later versions use the following server error HTTP status codes:

  • 500 – Internal server error.
    IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 500 error:

    • 500.0 – Module or ISAPI error occurred.
    • 500.11 – Application is shutting down on the web server.
    • 500.12 – Application is busy restarting on the web server.
    • 500.13 – Web server is too busy.
    • 500.15 – Direct requests for Global.asax are not allowed.
    • 500.19 – Configuration data is invalid.
    • 500.21 – Module not recognized.
    • 500.22 – An ASP.NET httpModules configuration does not apply in Managed Pipeline mode.
    • 500.23 – An ASP.NET httpHandlers configuration does not apply in Managed Pipeline mode.
    • 500.24 – An ASP.NET impersonation configuration does not apply in Managed Pipeline mode.
    • 500.50 – A rewrite error occurred during RQ_BEGIN_REQUEST notification handling. A configuration or inbound rule execution error occurred.
      Note Here is where the distributed rules configuration is read for both inbound and outbound rules.
    • 500.51 – A rewrite error occurred during GL_PRE_BEGIN_REQUEST notification handling. A global configuration or global rule execution error occurred.
      Note Here is where the global rules configuration is read.
    • 500.52 – A rewrite error occurred during RQ_SEND_RESPONSE notification handling. An outbound rule execution occurred.
    • 500.53 – A rewrite error occurred during RQ_RELEASE_REQUEST_STATE notification handling. An outbound rule execution error occurred. The rule is configured to be executed before the output user cache gets updated.
    • 500.100 – Internal ASP error.
  • 501 – Header values specify a configuration that is not implemented.
  • 502 – Web server received an invalid response while acting as a gateway or proxy.IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 502 error:
    • 502.1 – CGI application timeout.
    • 502.2 – Bad gateway: Premature Exit.
    • 502.3 – Bad Gateway: Forwarder Connection Error (ARR).
    • 502.4 – Bad Gateway: No Server (ARR).
  • 503 – Service unavailable.IIS 7.0 and later versions define the following HTTP status codes that indicate a more specific cause of a 503 error:
    • 503.0 – Application pool unavailable.
    • 503.2 – Concurrent request limit exceeded.
    • 503.3 – ASP.NET queue full
    • 503.4 – FastCGI queue full

Log file locations

By default, IIS 7.0 and later versions put log files in the following folder:

inetpub\logs\Logfiles

This folder contains separate directories for each World Wide Web website. By default, the log files are created in the directories daily, and the log files are named by using the date. For example, a log file may be named as follows:

exYYMMDD.log

Credits: https://support.microsoft.com/en-us/help/943891/the-http-status-code-in-iis-7-0-iis-7-5-and-iis-8-0

Loading

Categories:   Middleware

Tags:  , , ,

Comments