Following are the HTTP Error Codes. These Error codes are crucial for troubleshooting various issues with Symantec Endpoint Protection. You can see these error codes in various logs, such as scm-server-0.log, sylink log, in a Secars test. If you can interpret the correct meaning of the http error code, you can decide the places to look at for resolving this issue. These status codes indicate a provisional response. The client should be prepared to receive one or more 1xx responses before receiving a regular response. * 100 - Continue. * 101 - Switching protocols. 2xx - Success This class of status codes indicates that the server successfully accepted the client request. * 200 - OK. The client request has succeeded. * 201 - Created. * 202 - Accepted. * 203 - Non-authoritative information. * 204 - No content. * 205 - Reset content. * 206 - Partial content. * 207 - Multi-Status (WebDay). 3xx - Redirection The client browser must take more action to fulfill the request. For example, the browser may have to request a different page on the server or repeat the request by using a proxy server. * 301 - Moved Permanently * 302 - Object moved. * 304 - Not modified. * 307 - Temporary redirect. 4xx - Client Error An error occurs, and the client appears to be at fault. For example, the client may request a page that does not exist, or the client may not provide valid authentication information. * 400 - Bad request. * 401 - Access denied. IIS defines several different 401 errors that indicate a more specific cause of the error. These specific error codes are displayed in the browser but are not displayed in the IIS log: o 401.1 - Logon failed. o 401.2 - Logon failed due to server configuration. o 401.3 - Unauthorized due to ACL on resource. o 401.4 - Authorization failed by filter. o 401.5 - Authorization failed by ISAPI/CGI application. o 401.7 – Access denied by URL authorization policy on the Web server. This error code is specific to IIS 6.0. * 403 - Forbidden. IIS defines several different 403 errors that indicate a more specific cause of the error: o 403.1 - Execute access forbidden. o 403.2 - Read access forbidden. o 403.3 - Write access forbidden. o 403.4 - SSL required. o 403.5 - SSL 128 required. o 403.6 - IP address rejected. o 403.7 - Client certificate required. o 403.8 - Site access denied. o 403.9 - Too many users. o 403.10 - Invalid configuration. o 403.11 - Password change. o 403.12 - Mapper denied access. o 403.13 - Client certificate revoked. o 403.14 - Directory listing denied. o 403.15 - Client Access Licenses exceeded. o 403.16 - Client certificate is untrusted or invalid. o 403.17 - Client certificate has expired or is not yet valid. o 403.18 - Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0. o 403.19 - Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0. o 403.20 - Passport logon failed. This error code is specific to IIS 6.0. * 404 - Not found. o 404.0 - (None) – File or directory not found. o 404.1 - Web site not accessible on the requested port. o 404.2 - Web service extension lockdown policy prevents this request. o 404.3 - MIME map policy prevents this request. * 405 - HTTP verb used to access this page is not allowed (method not allowed.) * 406 - Client browser does not accept the MIME type of the requested page. * 407 - Proxy authentication required. * 412 - Precondition failed. * 413 – Request entity too large. * 414 - Request-URI too long. * 415 – Unsupported media type. * 416 – Requested range not satisfiable. * 417 – Execution failed. * 423 – Locked error. 5xx - Server Error The server cannot complete the request because it encounters an error. * 500 - Internal server error. o 500.12 - Application is busy restarting on the Web server. o 500.13 - Web server is too busy. o 500.15 - Direct requests for Global.asa are not allowed. o 500.16 – UNC authorization credentials incorrect. This error code is specific to IIS 6.0. o 500.18 – URL authorization store cannot be opened. This error code is specific to IIS 6.0. o 500.19 - Data for this file is configured improperly in the metabase. o 500.100 - Internal ASP error. * 501 - Header values specify a configuration that is not implemented. * 502 - Web server received an invalid response while acting as a gateway or proxy. o 502.1 - CGI application timeout. o 502.2 - Error in CGI application. * 503 - Service unavailable. This error code is specific to IIS 6.0. * 504 - Gateway timeout. * 505 - HTTP version not supported.
The HTTP status codes in IIS 7.0 http://support.microsoft.com/kb/943891#top
Description of Microsoft Internet Information Services (IIS) 5.0 and 6.0 status codes http://support.microsoft.com/kb/318380#top
Users rarely encounter 500.11 and 500.12 errors in their browser. These errors indicate that the ASP application to which the requested ASP page belongs is in the process of shutting down, restarting, or both. Restarts and shutdowns can be triggered directly from code when the built-in APIs available to ASP developers are used. Occasionally, these errors occur when the Global.asa file for the application (if one exists) is updated or altered in such a way that a file change notification is issued. Because IIS monitors for file change notifications on ASP content, IIS receives this notification, and because the file is the Global.asa file, IIS restarts the application.
If users often encounter these errors in their browser and you are certain that the code in the Global.asa file is not being updated, virus scanning and backup software, which sometimes sweep the ASP content and trigger a notification, might be causing these errors.
ASP requests are executed by threads from a pool of threads whose size is limited to 25 threads per processor, by default. If more ASP requests arrive than there are threads available to execute them, ASP places the extra requests in a queue, where they wait until a thread becomes available. By default, this queue is limited to 3000 requests. If the queue becomes full, the next ASP request, instead of being queued, causes a 500.13-Web server too busy error. The number of requests that can wait in the queue is controlled by the AspRequestQueueMax metabase property. Change the AspRequestQueueMax property to produce the desired user experience — a smaller queue allows users to more quickly see the 500.13 error when ASP requests are backed up.
If users encounter this error, select the Active Server Pages/Requests Queued performance counter check box. If the queue fills up, but ultimately empties again, or if the queue remains partially filled but requests move through very quickly, there probably is not a problem, just a spike in traffic. However, if the queue remains partially or completely full for a sustained period and requests do not appear to be moving through quickly enough, there might be a problem.
500.16-UNC Authorization Credentials Are Incorrect
Problems with content stored on remote file servers can be more complex than problems with locally stored content. The 500.16 error indicates that there is a specific configuration problem with remotely stored content. When IIS is configured to use specific credentials to access the UNC path in the metabase, it uses those credentials to open the content on the remote file server. To do this, IIS uses a Windows logon API to obtain a security token that it can use to impersonate a security identity when accessing the remotely stored content. If the call to the Windows logon API fails, indicating that there is a problem with the user name or password, IIS returns an HTTP 500.16 error.
IIS URL Authorization is a security feature that is new in IIS 6.0. Among other administrative tasks, IIS URL Authorization configures the Authorization Manager store by setting the AzStoreName metabase property. This store can be an XML file or an LDAP location. It is configured by setting the AzStoreName property to an appropriate string that represents the path to a store. For example: msxml://c:\MyStore.xml or msldap://CN=MyAzStore, CN=Program Data, DC=MyDomain, DC=com.
The 500.17 and 500.18 errors pertain to problems accessing the Authorization Manager store. A 500.17 error indicates that the store could not be found. To begin troubleshooting one of these errors, try to verify the path specified in the string by either opening the XML file or testing the LDAP path with a simple client, such as LDP.exe. For more information about LDP.exe, in Help and Support Center for Windows Server 2003, click Tools, and then click Windows Support Tools.
A 500.18 error typically indicates that the store was found, but could not be opened. The error description might contain information such as an HRESULT and description. However, this error generally occurs because there is an ACL–related problem. The security context that is used to open the store is that of the worker process identity. To troubleshoot, verify that the configured worker process identity is a member of the built-in IIS_WPG group and that this group has access to the store. File Monitor is a good utility to use in such a case.