To be more precise, these are just HTTP status codes, not HTTP headers. Headers convey a lot of things and are sent by both the client and the server, and are beyond the scope of this answer.
One of the HTTP headers, namely the first one sent by the server to the client, looks like this:
HTTP/1.x 200 OK
or:
HTTP/1.x 404 Not Found
The number that appears after the protocol identifier HTTP/1.x is what's called the status code with the corresponding status message sent after it. Here are the status codes that I've had to use in my PHP programming days:
- 200 OK is by far the most common. It means that everything has worked fine and that you're responding with content.
- 404 Not Found is automatically sent by the server under certain conditions, in particular when the request leads to an executing script that cannot be found on the server. Sometimes, especially if you're writing frameworks which handle URIs in a special way, you will want to manually set a 404 status code. For example, if you have one central executing script index.php through which you route all requests using .htaccess or your Apache settings, Apache will almost never return a 404 of its own accord because, after all, it has found index.php. But clearly, there will still be some URIs that you want to communicate don't lead to anywhere, for which you'll want to send your own 404 status header.
- 301 Moved Permanently and 302 Found (more commonly referenced as 'Moved Temporarily'). These two instruct the browser to look for a Location header and to redirect the user to the URL specified there. Most PHP frameworks have their own functions for HTTP redirects, which also handle the headers. The native PHP redirect header('Location: http://www.google.com'); automatically changes the HTTP status to 302. I've never really understood in depth the difference between 302 and 301, but I've read that 301 is much better for Search Engine Optimization, so I try to always use 301. Perhaps someone else can enlighten on what the exact difference is. One thing to be careful of is to avoid putting a 301/302 status and Location header on a page that's intended to receive POST data. I've had some trouble with it in the past.
- 304 Not Modified is usually sent automatically depending on your Apache settings. Most browsers under normal conditions include the date/time on which the requested item was cached on the user's computer. ETags and other headers are used for this purpose. If Apache judges that the server's corresponding file has not changed since that time, Apache will often send a 304 with no content, which just tells the client to use the cached version.
- 401 Unauthorized is sent when a user is trying to access a restricted section on the website. There are some old HTML features and server technologies that support native username/password prompts, which sent 401 status codes when the prompts were cancelled or not authorized. Most people these days write their own PHP implementations for user authentication and rights management, so Apache doesn't often send 401s of its own accord. You can send the status manually to indicate that more rights are needed to access the page.
- 400 Bad Request is sent by Apache if it receives a request it can't understand. You usually don't have to worry about sending it manually.
- 403 Forbidden is used by some people when users are trying to access an area that they would not be able to access, even with proper authentication, perhaps due to geographic, IP, or banning restrictions. I don't use it myself, and I just use 401 and 404 to fill in.
- 5xx. The 500-series are the codes you really don't want to see as a developer. It means your code or server did something bad. If you have a server or a load-balancing system of sufficient calibre and you don't have errors in your code, you'll never see the 500-series.
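
The front-controller case described in the answer, as an added example that is not part of the original answer: an index.php that sets 404, 401 and 301 itself instead of relying on Apache or PHP defaults. The route table, the paths and the `user_id` session key are assumptions made up for the illustration.

```php
<?php
// index.php: hypothetical front controller; .htaccess sends every request here,
// so Apache always "finds" the script and the status code is this file's job.
declare(strict_types=1);
session_start();

// Constructed route table: path => [handler, requires login].
$routes = [
    '/'        => [fn (): string => 'Welcome', false],
    '/account' => [fn (): string => 'Your account', true],
];
// Permanently moved paths. Fixed server-side map: the Location value is
// never built from request input, so it cannot be steered to another site.
$moved = ['/old-account' => '/account'];

$path   = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';

function respond(int $status, string $body): void
{
    http_response_code($status);
    header('Content-Type: text/plain; charset=utf-8');
    echo $body;
    exit;
}

// Redirect only GET/HEAD, so a POST body is never silently dropped.
if (isset($moved[$path]) && in_array($method, ['GET', 'HEAD'], true)) {
    // The third argument sets the status; without it PHP sends 302.
    header('Location: ' . $moved[$path], true, 301);
    exit; // header() does not stop the script; exit keeps later code from running
}

// No matching route: send the 404 that Apache will not send on its own.
if (!isset($routes[$path])) {
    respond(404, 'Not Found');
}

[$handler, $needsLogin] = $routes[$path];

// Check the session before the handler runs, so a restricted page
// never produces output for a visitor who is not logged in.
if ($needsLogin && empty($_SESSION['user_id'])) {
    respond(401, 'Login required');
}

respond(200, $handler());
```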