HTTP codes

These are the most common HTTP codes to HTTP requests, useful to know for webapp hacking: The request has succeeded. T The requested resource has different choices and cannot be resolved into one. For example, there may be several index.html pages depending on which language is wanted. The requested resource has been assigned a new permanent URI and any future references to this resource should use one of the returned URIs. The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. If the client has performed a conditional GET request and access is allowed, but the document has not been modified, the server SHOULD respond with this status code. The 304 response MUST NOT contain a message-body, and thus is always terminated by the first empty line after the header fields. If the client has done a conditional GET and access is allowed, but the document has not been modified since the date and time specified in If-Modified-Since field, the server responds with a 304 status code and does not send the document body to the client. Response headers are as if the client had sent a HEAD request, but limited to only those headers which make sense in this context. This means only headers that are relevant to cache managers and which may have changed independently of the document's Last-Modified date. Examples include Date, Server and Expires. The purpose of this feature is to allow efficient updates of local cache information (including relevant meta information) without requiring the overhead of multiple HTTP requests (e.g. a HEAD followed by a GET) and minimizing the transmittal of information already known by the requesting client (usually a caching proxy). The requested resource resides temporarily under a different URI. Since the redirection MAY be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field. The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. The request requires user authentication. The response MUST include a WWW-Authenticate header field containing a challenge applicable to the requested resource. The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. The requested resource is no longer available at the server and no forwarding address is known. This condition is expected to be considered permanent. Clients with link editing capabilities SHOULD delete references to the Request-URI after user approval. If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 Not Found SHOULD be used instead. This response is cacheable unless indicated otherwise. The server encountered an unexpected condition which prevented it from fulfilling the request. The server does not support the functionality required to fulfill the request. This is the appropriate response when the server does not recognize the request method and is not capable of supporting it for any resource. Your web server is unable to handle your HTTP request at the time. There are a myriad of reasons why this can occur but the most common are:
 * HTTP Status Code - 200 OK
 * HTTP Status Code - 300 Multiple Choices
 * HTTP Status Code - 301 Moved Permanently
 * HTTP Status Code - 302 Found
 * HTTP Status Code - 304 Not Modified
 * HTTP Status Code - 307 Temporary Redirect
 * HTTP Status Code - 400 Bad Request
 * HTTP Status Code - 401 Unauthorized
 * HTTP Status Code - 403 Forbidden
 * HTTP Status Code - 404 Not Found
 * HTTP Status Code - 410 Gone
 * HTTP Status Code - 500 Internal Server Error
 * HTTP Status Code - 501 Not Implemented
 * HTTP Status Code - 503 Service Unavailable

•  server crash • server maintenance • server overload • server maliciously being attacked • a website has used up its allotted bandwidth • server may be forbidden to return the requested document This is usually a temporary condition. Since you are getting a return code, part of the server is working. The web people have made the server return this code until they fix the problem.

Some web hosts have server status pages you can check. The server is stating the account you have currently logged in as does not have permission to perform the action you are attempting. You may be trying to upload to the wrong directory or trying to delete a file.
 * HTTP Status Code - 550 Permission Denied