Error 401: Unauthorized – No access to the website

Anyone who searches the internet will encounter not only interesting content, but occasionally also error messages. For many, this can be frustrating: Not only can you not visit the requested page, but you also don’t know what the displayed status code actually means. The meaning of the 401 error is quickly clarified, though: You don’t have access rights to the requested page. The source of this error is usually found rather quickly. Here we explain how you can avoid the problem and how this error occurs.

When you surf the internet, communication takes place between the client (your web browser) and the web server. Using HTTP, the underlying internet protocol, the browser, and client exchange status codes with one another. A large part of these status messages isn’t seen when you’re surfing the net, since as long as everything is running smoothly they aren’t displayed.

The HTTP status codes are divided into groups: The first three groups are those that generally aren’t displayed to you in the browser. All codes in the 100s range describe ongoing requests. The codes 200 to 226 indicate that the browser’s request was successfully performed. The messages given in the 300s, though, refer to redirections. What is displayed to you from time to time, though, are the error messages: All status messages from the 500s range describe errors on the server side. The errors 400 to 499 note problems related to the client.

So with a 401 there is also an HTTP code that indicates an error in the client. In this sense, “client” can have very different meanings for the error message, since it just means the instance of communication with the webserver. This could be the browser, but could also be the router or even the internet provider used to make the connection. In many cases, however, the internet user has caused the error themselves.

Sometimes, instead of “401 Unauthorized” you could also get the message “401 Authorization Required.” Both basically mean that you don’t have permission for the requested website and must log in first. If the webserver runs with Microsoft IIS, even more specific status codes are often displayed:

• 401.1: Login failed
• 401.2: Login failed due to server configurations
• 401.3: Requested content refused by an Access Control List (ACL)
• 401.4: Authorization failed due to a filter
• 401.5: Authorization failed due to an ISAPI/CGI application

In the best-case scenario, you land on a specially designed error page that describes directly what you have to do.

In most situations, you can correct the 401 error pretty easily: The affected internet page has a section that is only released following authorization. So to access the desired web page, you need to enter your log-in data in the corresponding area. If you don’t have an account on the website yet, you need to create one and register with it. You will most likely find hyperlinks for this on the start page or in a section of the header. The error page is then displayed if you try to skip such a login step and enter the link to the blocked page directly in your web browser.

This is why you can also get an error message if you follow an external link. If the page hidden behind the link is located in a password-protected area, then it’s highly likely that your browser will display a 401 error. Then, it’s best to either go directly to the home page or try to reach the next-highest level within the folder structure of the website. In the example example.com/folder1/folder2/folder3you could try out example.com/folder1/folder2 next. Maybe the upstream file is already accessible to you.

In case you’ve generated the error by typing it in your browser, you should check the URL again: You may have swapped just one letter or one digit, and therefore entered the password-protected area.

But the error can even be encountered when you’ve already tried to login. Some websites display the 401 status code if you’ve simply entered the wrong login information. You may have mistyped your password, username, or e-mail address. Go back a page and enter your data once again.

To make mistakes is human: So it can definitely occur that you’ve forgotten your login data. In this case, you have to contact the website operator. This can tell you your username or reset your password. Many websites have an automatic application set up for this. It will send you a link via e-mail where you can create a new password.

Sometimes, it could be the case that you’ve done everything right: You logged in properly using the correct form, the data entered was correct, and yet you’re still greeted with a 401 error code. It’s probably an error with the server then, which the system has just interpreted as a 401 error. In such situations, which can also occur in the course of other error codes, two solutions have proven themselves as promising in the past:

1. Wait and reload the page: In many cases, the easiest solution is also the most effective: Since website operators understandably want their pages to always be available, you usually just have to wait until they’ve solved the problem. Exercise a little patience, and later try reloading the website. To make extra sure, first delete your cache and cookies so that the browser doesn’t accidentally load the problematic page from its internal storage.
   
   
2. Contact the website operator: Of course, there’s also the possibility that nobody knows about the problem yet – which may also be due to the fact that you’re the only one encountering the error. Then, establish contact with the operator of the website. Most of the time, you can find their e-mail address in the site notice. Even if you’re the cause of the error, the operator may be able to help you solve the problem. Give them as much information as possible about your system to reach a solution as quickly as possible.

If you were able to access the page in question in the past and there was no password protection, you can still access the content of the website despite the error by using a small detour. Google creates a cache for websites that internally saves a temporary copy of the site. In the Google search bar, simply enter cache:http://example.com/ and instead of “example.com” and enter the URL in question to access the saved version. This can also be a subpage. A header back informs you of when the copy is from. Remember that you won’t find any current information there, and instead only see the copy of a previous page version. If you want to go further back into the past of the website, you can access the archive of the Wayback Machine. There, you’ll find some decades-old versions of websites.

The two status codes have very different causes: While 401 means “Authorization Required,” the 403 status message usually contains the addition “Forbidden”: Access is not allowed. As we noted, with the 401 error the system is informing you that you have to log on to view the page. As such, there should be a login for you on a higher level. This is not provided with a 403 error. The website operator forbids access to this area of the website, and offers no possibility to register for it. These pages or directories are for internal use only and shouldn’t be accessed by external internet users.