List of HTTP status codes/IIS error Codes | Infosecwithme Blog




Blackhattrick.com | List of HTTP status codes/IIS error Codes


Very much important while Analyzing Hacking attempt/incident related to Web server.


when you move to raw event below codes will exist in Raw event, it will help you to analyze the incident in a better way.


The following is a list of Hypertext Transfer Protocol (HTTP) response status codes. The first digit of the status code specifies one of five classes of response; the bare minimum for an HTTP client is that it recognises these five classes. The phrases used are the standard examples, but any human-readable alternative can be provided. Unless otherwise stated, the status code is part of the HTTP/1.1 standard


The Internet Assigned Numbers Authority (IANA) maintains the official registry of HTTP status codes.


Microsoft IIS sometimes uses additional decimal sub-codes to provide more specific information,[1] but these are not listed here.


Contents:-


1 1xx Informational
2 2xx Success
3 3xx Redirection
4 4xx Client Error
5 5xx Server Error
6 See also
7 References
8 External links 


4xx Client Error

The 4xx class of status code is intended for cases in which the client seems to have erred. Except when responding to a HEAD request, the server should include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. These status codes are applicable to any request method

400 Bad Request
The request cannot be fulfilled due to bad syntax.


401 Unauthorized 
Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided.The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource. See Basic access authentication and Digest access authentication. 


402 Payment Required
Reserved for future use.The original intention was that this code might be used as part of some form of digital cash or micropayment scheme, but that has not happened, and this code is not usually used. As an example of its use, however, Apple's MobileMe service generates a 402 error if the MobileMe account is delinquent.[citation needed] In addition, YouTube uses this status if a particular IP address has made excessive requests, and requires the person to enter a CAPTCHA. 


403 Forbidden 
The request was a valid request, but the server is refusing to respond to it.Unlike a 401 Unauthorized response, authenticating will make no difference.On servers where authentication is required, this commonly means that the provided credentials were successfully authenticated but that the credentials still do not grant the client permission to access the resource (e.g. a recognized user attempting to access restricted content). 


404 Not Found
The requested resource could not be found but may be available again in the future.Subsequent requests by the client are permissible. 


405 Method Not Allowed 
A request was made of a resource using a request method not supported by that resource;for example, using GET on a form which requires data to be presented via POST, or using PUT on a read-only resource. 


406 Not Acceptable
The requested resource is only capable of generating content not acceptable according to the Accept headers sent in the request.

If you need to know more about error codes please refer below link

Reference Link:



Share Your Knowledge................................by comment
List of HTTP status codes/IIS error Codes | Infosecwithme Blog List of HTTP status codes/IIS error Codes | Infosecwithme Blog Reviewed by BlackHat on 8:37 PM Rating: 5

No comments:

Thanks for Valuable Comment. I will review and get back.



SastiPrice.com Store | India's One of Best Affiliate Store



-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Cyber Security Learning E-Books



Powered by Blogger.