Client errors vs server errors & why this matters operationally
At a high level:
- 4xx errors indicate requests the server chose not to fulfil; whereas
- 5xx errors indicate requests the server failed to fulfil
Operationally, this distinction is critical:
- A spike in 4xx errors usually does not indicate an outage.
- A spike in 5xx errors often does indicate SLO risk
Misclassifying these errors can hide real incidents, trigger unnecessary alerts, and cause retries that amplify failures. Understanding the differences allows teams to design better alerts, retries, and incident responses.
400 Bad Request
What this error means
The server could not process the request because it was malformed or invalid.
Common real-world causes
- Invalid JSON or request body
- Missing required parameters
- Incorrect headers (e.g. Content-Type)
What to check first
- Request validation logs
- API schema mismatches
- Client-side serialization
401 Unauthorized
What this error means
Authentication is required, but the request lacks valid credentials.
Common real-world causes
- Expired tokens
- Missing Authorization headers
- Clock skew affecting token validity
What to check first
- Identity provider health
- Token expiry and refresh logic
- Authentication middleware
403 Forbidden
What this error means
The server understood the request but refuses to authorise it.
Common real-world causes
- Incorrect IAM or RBAC rules
- IP allowlists or geo-blocking
- CDN or WAF rules
What to check first
- Permission policies
- Security logs
- Recent access control changes
404 Not Found
What this error means
The requested resource does not exist or cannot be located.
Common real-world causes
- Broken links or outdated routes
- Deployment drift between environments
- Misconfigured rewrite rules
What to check first
- Application routing
- CDN cache behaviour
- Deployment artifacts
408 Request Timeout
What this error means
The server timed out waiting for the client to send the request.
Common real-world causes
- Slow or unstable client connections
- Large payload uploads
- Network congestion
What to check first
- Client network metrics
- Load balancer idle timeout settings
- Request size limits
500 Internal Server Error
What this error means
The server encountered an unexpected condition that prevented it from fulfilling the request.
Common real-world causes
- Unhandled exceptions
- Dependency failures
- Misconfigured environment variables
What to check first
- Application error logs
- Recent deployments
- Dependency health
502 Bad Gateway
What this error means
A server acting as a gateway or proxy received an invalid response from an upstream server.
In modern architectures, this usually means one service could not successfully communicate with another.
What it usually means in production
- The upstream service is down or unreachable
- The upstream returned a malformed response
- The connection was reset mid-request
This error is most commonly generated by:
- Load balancers
- Reverse proxies (Nginx, Envoy)
- CDNs
Common real-world causes
- Crashed backend containers or VMs
- DNS resolution failures between services
- TLS handshake failures
- Timeout mismatches between proxy layers
How to diagnose
- Check upstream service health and error rates
- Inspect proxy and load balancer logs
- Compare timeout configurations across layers
Is this transient or serious?
- Transient: brief spikes during deploys or autoscaling
- Serious: sustained error rate increase across regions
Prevention and monitoring
- Health checks on upstream services
- Synthetic monitoring from multiple regions
- Alerting on error rate and duration
503 Service Unavailable
What this error means
The server is currently unable to handle the request.
Common real-world causes
- Planned maintenance
- Autoscaling lag
- Resource exhaustion
What to check first
- Capacity metrics
- Deployment status
- Maintenance windows
504 Gateway Timeout
What this error means
A gateway did not receive a timely response from an upstream server.
Common real-world causes
- Slow backend services
- Network latency
- Database query bottlenecks
What to check first
- Upstream response times
- Timeout thresholds
- Slow query logs
Frequently asked questions (FAQ)
What is the difference between 502 and 503?
A 502 indicates an invalid response from an upstream service, while a 503 indicates the service is unavailable (often due to overload or maintenance).
Are 4xx errors bad for SEO?
Generally no. Search engines expect some 4xx responses. Persistent 404s on important pages, however, should be addressed.
Which error codes should trigger alerts?
Most teams alert on sustained increases in 5xx error rates, not individual errors.
Can CDNs change error codes?
Yes. CDNs often generate their own 5xx responses when origin servers fail to respond correctly.
How monitoring tools help
HTTP error codes are most useful when combined with uptime monitoring, error rate alerting, and regional checks. Tools like StatusCake help teams detect, classify, and respond to these failures before users notice.