What is HTTP 423 Status Code (Locked Error)?

Reliqus Marketing

29 May 2024

HTTP Status Codes
By Ankit Bhatia
Founder & CEO

Have you ever encountered a HTTP 423 Status Code “Locked” Error while browsing the web? If so, you may have wondered what this error means and how to fix it. At Reliqus Consulting, we specialize in providing clear explanations and solutions for technical issues like these.

This error is part of the HTTP response status codes and indicates that the resource you are trying to access is currently locked. This could be due to various reasons, such as server maintenance, a high volume of traffic, or an issue with your account or credentials. 

In this blog post, we will delve into the meaning of the HTTP 423 Status Code Error and provide tips on how to resolve this issue. So, let’s dive in and understand more about this error and how to overcome it.

What Does HTTP 423 Status Code Mean?

The 423 HTTP Status Code signifies that the requested resource on the server is locked and cannot be accessed at the moment. This status code is part of the WebDAV (Web Distributed Authoring and Versioning) extension, a set of extensions to the HTTP protocol that allows users to edit and manage files on remote web servers collaboratively. 

When a resource is locked, it means that some operation is currently being performed on it, such as editing or updating, that requires exclusive access. The lock is intended to prevent other operations from interfering, ensuring data consistency and integrity. 

This code is handy in applications where multiple users might attempt to modify the same resource simultaneously. Unlike other HTTP status codes that might suggest a permanent issue with the requested resource, the 423 HTTP code indicates a temporary state

An application’s logic could set the lock to manage concurrent access or as part of a more significant transaction that still needs to be completed. 

Source: RFC4918 Section 11.3

⚠️Note: It is possible to lock a resource only on some WebDAV servers. The browsers that access web pages will never encounter this status code; if it occurs by mistake, they will treat it as a generic 400 status code.

HTTP 423 Status Code References

Rails HTTP Status Symbol :locked

Symfony HTTP Status Constant Response::HTTP_LOCKED

.NET HttpStatusCode.Locked

Rust http::StatusCode::LOCKED

Go http.StatusLocked

Python3.5+ http.HTTPStatus.LOCKED

Apache HttpComponents Core org.apache.hc.core5.http.HttpStatus.SC_LOCKED

Angular @angular/common/http/HttpStatusCode.Locked

423 HTTP Response Status Code Example


GET /example-resource HTTP/1.1

Host: www.example.com


HTTP/1.1 423 Locked

Content-Type: text/html

Retry-After: 120

Lock-Token: <opaquelocktoken:1234>

<!DOCTYPE html>



<title>Resource Locked</title>



<h1>423 Locked</h1>

<p>The resource you are trying to access is currently locked and unavailable.</p>



In this example, the server has responded with a 423 Locked status code. This response is a clear indication that the resource you’re trying to access is temporarily unavailable due to it being locked. The response includes a Retry-After header, suggesting you wait for a specific period, in this case, 120 seconds, before attempting to reaccess the document. Additionally, the response contains a Lock-Token header, providing an opaque token that uniquely identifies the lock on the resource. 

This example demonstrates how a web server communicates the locked status of a resource to a client, providing specific instructions for retrying the request after a certain period and the necessary token to identify the lock.

If there is a Lock-Token header value in the LOCK request, the client can use that value to unlock the resource:


LOCK /example-resource HTTP/1.1

Host: www.example.com

Lock-Token: <opaquelocktoken:1234>

If: <etag-of-the-locked-resource>


HTTP/1.1 200 OK

Here, the client issues a LOCK request along with an If header containing the ETag of the resource to be locked and the Lock-Token header value returned in the previous response. As a result, the server sends a 200 OK status code, indicating that the resource is now unlocked and available for access.

How to Use 423 HTTP Status Codes for a Website?

To effectively implement the HTTP 423 Status Code on a website, web developers can utilize server-side scripting languages such as JavaScript, Python, Ruby, PHP, Java, C#.Net, Perl, C++, Scala, and Kotlin.

By incorporating the “header” function within these languages, developers can programmatically lock a resource when certain conditions are met, such as during an editing session or when exclusive access is required. Reliqus Consulting can assist in setting up these mechanisms to ensure smooth operation and user communication.

This ensures that users are informed of the locked state through a clear response, allowing them to understand that the resource is temporarily unavailable and encouraging them to retry their request later.

For more information on HTTP status codes and their uses, check out our HTTP Status Codes blog

What Causes a 423 Locked Status Code?

Several factors can trigger an HTTP 423 status code, making it essential for web users and developers to understand these potential causes.

These include:

  1. A user is attempting to modify a document that another individual is currently editing.
  2. The website is in a maintenance phase, rendering specific content temporarily unavailable.
  3. Detection of unusual activity associated with an account, prompting a security-induced lockdown.
  4. Access attempts to a locked resource with invalid or outdated credentials.
  5. Misconfigurations or errors within the server or application lead to resources being incorrectly locked or not unlocking appropriately after usage.
  6. Automatic locking of resources by specific processes or operations, such as during data backup or migration tasks, to preserve data integrity.
  7. Usage of a 423 Locked error to signify restricted access to a resource, although other status codes like 403 Forbidden are more typically employed for expressing access limitations.

How to Troubleshoot a 423 HTTP Response Status Code?

Troubleshooting a HTTP 423 Status Code Locked Error requires a systematic approach to identify and resolve the issue causing the resource to be locked.

Here are some strategies to consider:

  1. Wait for the Temporary Lock to Release: Some locks are programmed to expire after a certain period. If the lock is temporary, giving it some time may resolve the issue without further action needed.
  2. Contact the Website or Application Owner: Reaching out to the administrators can provide insights into why the resource is locked and when it might become available again. They may offer specific instructions or expedite the unlocking process.
  3. Access the Resource from a Different Device or Network: Sometimes, the lock might be related to issues with your current device or network configuration. Attempting access from a different setup can help determine if the problem is localized.
  4. Refer to Server Documentation for Unlocking Procedures: Some servers have specific methods, often involving the PUT method, for unlocking resources. Familiarizing yourself with these procedures can guide you through the unlocking process.
  5. Review User Permissions and Roles: Ensure that your account has the correct permissions and roles assigned within the WebDAV server or content management system to access and modify the locked resource.
  6. Attempt a System Refresh or Server Restart: This essential step can resolve temporary issues causing the resource to remain locked. It’s a straightforward approach but surprisingly effective in many cases.
  7. Conduct a Security Audit: Use security software to scan for malware or other threats that might have led to the resource being locked. Addressing these security concerns may allow for the resource to be unlocked.
  8. Monitor Server Logs and Use SEO Audit Tools: Keeping an eye on server logs and employing SEO audit tools can help detect the occurrence of 423 error-locked status codes. Regular monitoring allows for timely identification and resolution of issues leading to resource locking.

Server and Client-Side Troubleshooting

Troubleshooting the 423 Status Code Locked Error requires a detailed examination of both server and client-side factors. 

Here’s how you can approach this issue from both ends:

  1. On the server side:
  • Review server logs carefully for any signs of anomalies or indicators of overload that could contribute to resource locking.
  • Assess any security protocols in place that might be locking resources preemptively as a protective measure against potential threats or unauthorized access attempts.
  1. On the client side:
  • Verify that the correct URL is being accessed and that there has yet to be a final response that has already set the resource to a locked status.
  • For developers, it’s critical to ensure that your application’s code logic thoroughly accounts for potential scenarios where resource locking might occur, thereby preventing operational conflicts that could lead to a 423 Locked error. 

Addressing these areas meticulously can help identify the root cause of the 423 Locked status code and guide towards the appropriate corrective actions.

How to Prevent an HTTP 423 Status Code?

To mitigate the risk of encountering a 423 HTTP status code, consider adopting the following preventive measures:

  • Implement Version Control Systems: Use version control systems for collaborative document editing to prevent simultaneous modifications that could lead to locking.
  • Regular Security Updates: Ensure your system, website, or application regularly receives security updates to thwart unauthorized attempts to access or lock resources.
  • Strengthen Access Controls: Utilize strong authentication and authorization protocols to minimize the chance of unauthorized access, reducing the likelihood of resources being unnecessarily locked.
  • Audit and Monitor Locks: Regularly review and audit resource locks to confirm they are still relevant and remove those that are obsolete or mistakenly applied.
  • Automatic Lock Expiry: Introduce mechanisms that automatically expire locks after a predefined duration to prevent resources from remaining locked indefinitely.
  • Educate Users and Developers: Train users and development teams on best practices for accessing and modifying resources to avoid actions that may result in resource locking.

423 Locked Status Code the Implications for SEO

In the realm of SEO, encountering a HTTP 423 status code presents a unique challenge. Search engine bots, which are responsible for crawling web pages to index content, cannot proceed when they hit a 423 locked error. This blockade prevents the affected page from being indexed, effectively rendering it invisible in search engine results pages (SERPs) for any relevant queries. 

The direct consequence of this invisibility is a notable decrease in organic traffic to the page.

Beyond individual pages, a high frequency of 423 error status codes could signal to search engines that there are broader accessibility issues on the website. This perception could harm the website’s overall SEO standing, potentially demoting its rank across the board, not just for the specific URLs that are locked.

Given these implications, those in charge of website maintenance and SEO strategy must keep a vigilant eye on 423 HTTP status codes. Prompt action to resolve these issues ensures the site remains accessible to both users and search engine bots, safeguarding the site’s visibility and performance in search results.

What are the Related HTTP Response Headers with 423 HTTP Status Codes?

  • 414 URI Too Long HTTP Status Code: This status code is related to the 423 Status Code because they both fall under the category of client error responses. When a URI (Uniform Resource Identifier) is too long for a server to interpret, a 414 error is returned, indicating that the request cannot be processed due to its length.
  • 418 I’m a teapot HTTP Status Code: Although humorous and originally an April Fool’s joke, the 418 status code shares a connection with 423 in that they are both considered client error responses. This code humorously indicates that the server refuses to brew coffee because it is, in fact, a teapot, emphasizing the non-standard nature of specific client requests.


At Reliqus Consulting, our goal is to empower you with the knowledge to effectively address and overcome challenges such as the HTTP 423 Status Code. 

By grasping the essence of this error, along with its potential triggers and fixes, you’re better equipped to manage your web projects with efficiency and confidence. 

Ensuring your digital assets remain available and your site functions without interruption is crucial in today’s online landscape. We hope this insight into the 423 Locked HTTP Status Code assists you in maintaining a seamless web experience for all users.


1. What is the Difference Between a 412 and a 423 Status Code? 

A 412 status code, “Precondition Failed,” indicates the server does not meet one of the preconditions that the requester put on the request. Meanwhile, a 423 status code, “Locked,” signals that the targeted resource is locked and cannot be accessed or modified, which is often used in contexts where resources are edited collaboratively.

2. What does it mean when a request fails with a 423 status code? 

If a request fails with a 423 status code, it signifies that the resource you are attempting to access or modify is locked. This usually occurs in collaborative environments or due to specific security protocols to prevent unauthorized changes.

3. How to Check for a 423 HTTP Status Code? 

To check for a 423 HTTP Status Code, you can use the network tab and developer tools in your web browsers. This section will list all the resources requested by the client, along with their corresponding HTTP response codes.

4. Which HTTP Method is Associated with the 423 HTTP Status Code? 

Although the 423 status code can theoretically be returned in response to any HTTP method, it is most commonly associated with the POST method, where a request to modify a locked resource is denied.

5. What is the Browsers Compatibility of the 423 HTTP Status Code? 

The 423 HTTP Status Code is supported across all major browsers, including Chrome, Edge, Firefox, Internet Explorer, Opera, Safari, and Webview Android. This ensures a consistent user experience regardless of the browser used when encountering this error.

Ankit Bhatia

Founder & CEO at Reliqus

With 12+ years of experience building a web presence for 300+ businesses, Ankit understands how businesses can use technology to increase revenue.

Latest from the blog

What is HTTP 428 Status Code (Precondition Required)?

For many website owners and developers, the HTTP 428 Status Code can be a source of frustration. Its implications are often misunderstood, leadin...

What is HTTP 426 Status Code (Upgrade Required)?

Have you ever encountered an HTTP 426 Status Code while browsing the web and wondered what it means? Don’t worry, you’re not alone. T...

What is HTTP 425 Status Code (Too Early)?

Are you familiar with the various HTTP status codes that pop up on your screen while browsing the web? You’ve likely encountered common one...

What is HTTP 424 Status Code (Failed Dependency)?

If you have ever encountered an HTTP 424 Status Code Error while browsing the web, you may have been left scratching your head and wondering what...