hack3rs.ca network-security
/400/ :: http-status::400

root@hack3rs:/srv/www$ curl -i /400/

HTTP/1.1 400 Bad Request

The server rejected the request before processing it.

status-summary.log
HTTP 400 Bad Request

The request was malformed — bad syntax, missing required fields, wrong encoding, or a payload the endpoint cannot parse.

Check the request structure first, not the server. Bad request bodies, wrong Content-Type headers, and invalid query strings are the most common culprits.

likely-causes.lst
  • $Malformed URL, query string, or request body.
  • $Missing or incorrect Content-Type header.
  • $JSON payload that fails to parse (trailing comma, unescaped character).
  • $WAF or reverse proxy rejected a non-compliant request before it reached the app.
recovery-steps.md
  1. Replay the request with a known-good minimal payload to isolate the bad field.
  2. Confirm required headers — Content-Type, Authorization — are present and correctly formatted.
  3. Run the JSON body through a linter to catch syntax errors.
  4. Check proxy or WAF logs for the specific rejection reason.
quick-actions.sh
open / Return to the home terminal open /learning Browse structured learning modules open /errors View the full HTTP error reference open /contact Report a broken link or page issue
ops-note.txt

Use these pages for debugging and user guidance. In production, configure your host or reverse proxy to return the matching HTTP status code for the route (especially for 400 and 404/500 responses) rather than serving a 200 with error-themed content.