← All Status Codes
400
Bad Request
⚠️ Client Error Low Risk

📖 What Is HTTP 400?

The server cannot process the request due to malformed syntax, invalid request framing, or deceptive request routing.

🛡️ Security Implications

Often triggered by security scanners and attack attempts. A high volume of 400 errors may indicate active scanning or fuzzing.

🔍 Common Causes

Malformed JSON/XML body, missing required parameters, invalid URL encoding, oversized headers, or corrupted request.

🔧 How to Fix

Check request format and encoding. Validate Content-Type matches the body format. Check for special characters in URLs.

🖥️ How to Check

curl -I -o /dev/null -w "%{http_code}" https://example.com

🔗 Related Client Error Codes

401
Unauthorized
403
Forbidden
404
Not Found
405
Method Not Allowed
406
Not Acceptable
407
Proxy Auth Required
408
Request Timeout
409
Conflict
📚 Learn Web Security — Free Course