# Error codes explained > A comprehensive reference to HTTP status codes you are likely to encounter on your website, with causes and practical resolutions for each one. Source: https://www.kualo.com/knowledgebase/dev-server/error-codes-explained Updated: 2026-06-09 --- When something goes wrong with a web request, the server responds with a three-digit HTTP status code. These codes are grouped by their first digit: 1xx are informational, 2xx mean success, 3xx are redirects, 4xx mean the client sent a request the server could not fulfil, and 5xx mean something went wrong on the server side. Understanding what each code means - and why it appears - makes troubleshooting your website much faster, whether you are a developer or managing your own site for the first time. This article covers the codes you are most likely to encounter, from common redirects and client errors through to server faults and Cloudflare-specific responses. For each one we explain what is happening, what typically causes it, and what you can do to fix it. ## 301 Moved permanently The requested resource has been permanently moved to a new URL, and the server is redirecting the client there automatically. **Resolution:** Your browser should follow the redirect without any action needed. If you own the site, update any internal links and bookmarks to point to the new URL so the redirect is no longer necessary. If you need to set up a 301 redirect yourself, you can do this in cPanel using the Redirects tool - see [How to set up domain redirects in cPanel](/knowledgebase/cpanel-domains/how-to-setup-domain-redirects-in-cpanel) for a walkthrough. ## 302 Found (temporary redirect) The requested resource is temporarily available at a different URL. Unlike a 301, a 302 tells browsers and search engines that the move is not permanent, so they should keep using the original URL. **Common causes:** - A CMS or application is temporarily redirecting traffic - for example, to a maintenance page or a login screen. - A redirect rule in your `.htaccess` file is using a temporary flag (`R=302` or just `R`) rather than a permanent one (`R=301`). - Your application is redirecting HTTP to HTTPS or www to non-www using a temporary redirect when a permanent one would be more appropriate. **Resolution:** If you are seeing an unexpected 302 on your own site, check your `.htaccess` file for redirect rules and review any redirect settings in your CMS or application. If the redirect should be permanent, change the flag to `R=301`. See [Troubleshooting .htaccess issues](/knowledgebase/dev-server/troubleshooting-htaccess-issues) if you need help diagnosing `.htaccess` rules, and [How to set up domain redirects in cPanel](/knowledgebase/cpanel-domains/how-to-setup-domain-redirects-in-cpanel) if you want to manage redirects through cPanel instead. ## 400 Bad request The server could not understand the request because of malformed syntax. **Resolution:** Check the URL and any data sent with the request. This error commonly occurs when a URL is improperly formatted or incorrect parameters are included in the request. ## 403 Forbidden The server understood the request but is refusing to fulfil it because the client lacks the necessary permission. **Resolution:** Check your login credentials if the resource requires authentication. If you believe you should have access, contact the site administrator. If you are the administrator, review the file and directory permissions in cPanel. Other common causes include: - **Incorrect file or directory permissions** - web-accessible files should typically be 644 and directories 755. You can check and change permissions in cPanel's File Manager or via FTP. See [How to use File Manager in cPanel](/knowledgebase/cpanel-files-ftp/how-to-use-file-manager-in-cpanel) for guidance. - **A missing index file** - if a directory has no index file (such as `index.html` or `index.php`) and directory listing is disabled, the server returns a 403. Either add an index file or adjust directory listing behaviour using the [Index Manager in cPanel](/knowledgebase/cpanel-php/how-to-use-the-index-manager-in-cpanel). - **An `.htaccess` rule blocking access** - a `deny` directive or IP block in your `.htaccess` file can produce a 403. See [Troubleshooting .htaccess issues](/knowledgebase/dev-server/troubleshooting-htaccess-issues) and [How to block IP addresses via an .htaccess file](/knowledgebase/dev-server/how-to-block-ips-via-an-htaccess-file). - **Password-protected directory** - if a folder is protected via cPanel's Directory Privacy tool, visitors who have not authenticated will see a 403. See [How to password protect a folder in cPanel](/knowledgebase/cpanel-files-ftp/how-to-password-protect-a-folder-in-cpanel). ## 404 Not found The server cannot find the requested page or resource. **Resolution:** Check the URL for typos, or try navigating to the page through the site's main menu. If you are the site administrator, work through the following common causes: - **Files uploaded to the wrong location** - your website files must be inside the correct document root for your domain. For your main domain this is `public_html`; for addon domains it is the folder you specified when you created the domain. See [Where do I upload my website?](/knowledgebase/cpanel-files-ftp/where-do-i-upload-my-web-site) and [How to create an addon domain in cPanel](/knowledgebase/cpanel-domains/how-to-create-an-addon-domain-in-cpanel) for reference. - **File not uploaded at all** - confirm the file exists on the server using File Manager or FTP. See [How to use File Manager in cPanel](/knowledgebase/cpanel-files-ftp/how-to-use-file-manager-in-cpanel) or the [FTP Getting Started Guide](/knowledgebase/cpanel-files-ftp/ftp-getting-started-guide). - **WordPress permalink or `.htaccess` issue** - on WordPress sites, 404 errors on pages and posts that definitely exist are almost always caused by a broken permalink structure or a missing or corrupted `.htaccess` file. See [How to Diagnose and Fix 404 Errors on WordPress (Permalinks, .htaccess and Missing Files)](/knowledgebase/wp-troubleshooting/how-to-diagnose-and-fix-404-errors-on-wordpress-permalinks-htaccess-and-missing-files) for a full walkthrough, and [Troubleshooting .htaccess issues](/knowledgebase/dev-server/troubleshooting-htaccess-issues) for general `.htaccess` diagnosis. - **URL rewriting not working** - if your application relies on mod_rewrite-style URL rewriting and clean URLs are returning 404s, check that rewriting is enabled. See [How can I enable mod_rewrite?](/knowledgebase/cpanel-php/how-can-i-enable-modrewrite). - **Custom 404 page** - if you want visitors to see a helpful branded page instead of a generic browser error, you can set one up in cPanel. See [How to create custom error pages in cPanel](/knowledgebase/cpanel-getting-started/how-to-create-custom-error-pages-in-cpanel). ## 500 Internal server error Something went wrong on the server side - this is often a PHP version mismatch or a coding error in the site itself. **Resolution:** Check the server's error logs for PHP-related messages. You may need to roll back or update the PHP version in cPanel, or debug the code to find the specific problem. Our shared hosting runs on [CloudLinux](/knowledgebase/dev-server/cloudlinux-overview-why-use-cloudlinux-on-your-server), so per-account error logs are available in cPanel under **Errors**. For a detailed step-by-step diagnosis guide, see [How to fix a 500 Internal Server Error on your website](/knowledgebase/wp-troubleshooting/how-to-fix-a-500-internal-server-error-on-your-website). If the error is on a WordPress site, [Diagnosing critical errors in WordPress: a survival guide](/knowledgebase/wp-troubleshooting/diagnosing-critical-errors-in-wordpress-a-survival-guide) covers WordPress-specific causes in depth. Other common causes include: - **A syntax error in `.htaccess`** - even a single misplaced character in your `.htaccess` file will cause a 500. See [Troubleshooting .htaccess issues](/knowledgebase/dev-server/troubleshooting-htaccess-issues). - **Incorrect file permissions** - scripts with overly permissive permissions (for example 777) can be rejected by the server. Files should generally be 644 and directories 755. - **PHP memory or execution limits** - if a script exceeds its memory or time limits it can produce a 500. You can adjust these in cPanel using the Select PHP Version tool. See [How to manage the PHP version in cPanel using the Select PHP Version tool](/knowledgebase/cpanel-php/how-to-manage-the-php-version-in-cpanel-using-the-select-php-version-tool). ## 503 Service unavailable The server is temporarily unable to handle the request. While this can mean scheduled maintenance, it is often caused by something other than a straightforward server outage. Common causes include: - **Resource limits reached** - on shared hosting, each account has CPU and memory limits enforced by CloudLinux. If your site exceeds them, requests are rejected with a 503 until usage drops back down. You can [check your current resource usage in cPanel](/knowledgebase/cpanel-account/understanding-resource-usage-in-cpanel) under **Resource Usage**. - **Application-level errors** - platforms such as Magento can return a 503 when the application itself fails to start or encounters a fatal error, even if the server is otherwise healthy. Check your application's error logs (for Magento, look in `var/log/` within your Magento installation) for clues. - **Maintenance mode** - some applications put themselves into maintenance mode during updates and return a 503 until the process completes. **Resolution:** Wait a moment and refresh the page. If the error persists, check your resource usage in cPanel and review your application error logs. On shared hosting, this can also be related to your site's [optimisation and resource usage](/knowledgebase/perf-speed/optimising-your-website). Contact our support team if you cannot identify the cause. ## Cloudflare errors If your domain is proxied through Cloudflare, you may encounter Cloudflare-specific error pages rather than standard HTTP responses. These originate from Cloudflare's network, not directly from your hosting server. ### 521 Web server is down Cloudflare can reach your domain but your origin server (your hosting account) refused the connection. **Resolution:** Check that your site is loading correctly when accessed directly via your server IP or a bypass URL. If your hosting account is up but the error persists, check whether a firewall rule is blocking Cloudflare's IP ranges. Contact our support team if you need help investigating the origin server side. ### 522 Connection timed out Cloudflare successfully connected to your origin server but the server did not respond in time. **Resolution:** This is often caused by high server load or a slow application. Check your resource usage in cPanel and review your error logs. Optimising your site's performance - for example by enabling caching - can help prevent this. ### 523 Origin is unreachable Cloudflare cannot reach your origin server at all. This usually means the DNS record Cloudflare is using to find your server is incorrect or the server is offline. **Resolution:** Check that the DNS A record for your domain points to the correct server IP address. If the IP has recently changed, update the record in your DNS zone. See [How to Add or Manage DNS Records in cPanel (Zone Editor)](/knowledgebase/cpanel-domains/how-to-add-or-manage-dns-records-in-cpanel-zone-editor) for help. ### 524 A timeout occurred Cloudflare connected to your origin server but the server took too long to send a complete response. This is common on pages that run long database queries or generate large amounts of content. **Resolution:** Investigate what is causing the slow response - long-running database queries, unoptimised code, or heavy page generation are typical culprits. Enabling server-side caching can reduce the time needed to build pages. ### 525 SSL handshake failed Cloudflare could not complete an SSL handshake with your origin server. This usually happens when Cloudflare's SSL mode is set to **Full (strict)** but the SSL certificate on your origin server is missing, expired, or self-signed. **Resolution:** Make sure your domain has a valid SSL certificate installed in cPanel. AutoSSL can issue one automatically - see [How to manually run AutoSSL for a domain in cPanel](/knowledgebase/security-ssl/how-to-manually-run-autossl-for-a-domain-in-cpanel) for details. Alternatively, set Cloudflare's SSL mode to **Full** rather than **Full (strict)** if you are using a self-signed certificate on the origin. If Cloudflare is interfering with AutoSSL renewal, see [Using AutoSSL with Cloudflare](/knowledgebase/security-ssl/using-autossl-with-cloudflare). ### 526 Invalid SSL certificate Cloudflare cannot validate the SSL certificate on your origin server. **Resolution:** Check that your SSL certificate is valid and has not expired. In cPanel, you can run AutoSSL manually to renew it. If the certificate is valid but the error persists, check that the certificate chain is complete. ### 1020 Access denied A Cloudflare firewall rule is blocking the request. This is not a server error - Cloudflare itself is rejecting the visitor before the request reaches your hosting account. **Resolution:** Review your Cloudflare firewall rules and WAF settings. If you are seeing this on your own site unexpectedly, check whether a rule is too broad and adjust it in your Cloudflare dashboard. --- _Source: Kualo Knowledgebase — https://www.kualo.com/knowledgebase/dev-server/error-codes-explained · © Kualo Ltd._