Seeing the “400 – Bad Request” or “400. That’s an error. The requested URL was not found on this server. That’s all we know.” error message can be frustrating for website visitors and stressful for site owners. But don’t panic – these errors can usually be fixed with a few tweaks.
This comprehensive guide will explain what the “400. That’s an Error. The Requested URL Was Not Found on This Server. That’s All We Know” message means, why you may be seeing it, and most importantly – how to troubleshoot and resolve the issues causing it on your WordPress or other CMS-powered website.
What is a 400 Bad Request Error?
The 400 status code stands for a bad request error. It occurs when the web server cannot understand or process the request sent by the client (web browser).
Some common reasons for a 400 error include:
Malformed request syntax – This happens when the client sends an invalid request that the server cannot understand. For example, the request may be missing vital information like headers or parameters needed to fulfill the request.
Invalid request message framing – Some requests require data to be sent in a specific format or framing. If the data formatting does not match what the server expects, it will reject the request with a 400.
Invalid semantics – The headers, parameters, or body data may be syntactically correct but contain invalid information. For instance, submitting letters in a field that only accepts numbers.
Essentially, a 400 means the server believes the error is the client’s fault due to a bad or malformed request.
Why Am I Getting a 400 Error?
There are a few common culprits for 400 bad request errors:
Incorrect URL
The most basic reason is that the URL the browser requested does not actually exist on your server. Maybe there was a typo or broken link.
Double-check that the URL you are trying to access is valid and points to an actual page or resource on your site.
Bad Plugin or Theme Code
Oftentimes, 400 errors stem from bugs or conflicts in WordPress plugins, themes, or custom code. If a recent plugin/theme install or code change preceded the 400, that is likely the issue.
Specifically, look for any plugin hooks or code that modifies URLs, request data, headers, etc. Caching plugins can also sometimes interfere with certain types of requests.
Incorrect HTTP Referrer
Some 400 errors are triggered by an invalid or missing HTTP referrer header. The referrer header tells the server which webpage is linked to the current request.
When this header value is incorrect or suspicious, some security plugins may reject the request with a 400 error.
Too Many Requests
If your site receives a spike in traffic, you may run into rate-limiting issues. Some servers and hosting providers will throttle requests after a certain volume threshold is reached.
The result is 400 errors due to too many requests being made within a short time span.
Malformed API Requests
For sites using REST APIs, 400 errors often indicate an API request was made with invalid parameters, headers, authentication, etc.
Developers should double-check all API documentation to ensure requests match the required formats.
Outdated Server Software
Web servers like Apache and Nginx need to be kept updated too. Using outdated, insecure software can cause compatibility issues resulting in 400-type errors.
Contact your host to check that your server is running the most recent stable software release.
How to Fix 400 Bad Request Errors
Here are some tips for troubleshooting and resolving 400 errors:
Check Error Logs
Start by checking your server and site error logs. The error logs should provide details about which files or requests are triggering the 400.
In WordPress, look under Dashboard > Tools > Error Log in the wp-admin. Your host may also have server error logs available.
Confirm Valid URL
Try accessing the problem URL directly to test if it loads properly. If not, there may be an incorrect link or typo somewhere.
Review your site’s navigation menus, hardcoded links, and redirects to fix any invalid URLs.
Disable Plugins & Swap Themes
Deactivate plugins one by one to see if the issue goes away. Also, try switching to a default WordPress theme like Twenty Twenty-One.
This isolates whether a plugin or custom theme code is responsible. Reactivate plugins until you find the problematic one.
Update Software
Install all pending software, plugins, and theme updates. Outdated versions are often more vulnerable to bugs and conflicts.
On WordPress sites, hit “Update Now” on Dashboard > Updates. Use auto-updates if possible.
Clear Caches
Flush all server and site caches completely. Cached data, pages, and assets can cause conflicts and confusion.
Install a cache-clearing plugin if needed. Most hosting providers also include cache reset options.
Check with Your Host
Open a support ticket with your hosting provider if nothing above helps. They can check for server-side software issues, blocked requests, and more.
Some hosts may limit or block requests after traffic spikes too. Make sure you’re on an appropriate hosting plan.
Investigate with Debugging Tools
For developers, enable WP_DEBUG and install debugging plugins like Query Monitor to dig deeper into which requests, headers, parameters, etc are involved with the 400 errors.
Debugging reveals precisely which parts of requests are invalid or get rejected.
Modify Security Plugin Settings
If fixes like updating themes/plugins and clearing caches don’t work, overly strict security plugin settings may be blocking legitimate requests.
Try modifying plugin configs for WAF, firewalls, malware scanners, and other security tools. Relax URL, user-agent, referrer, and IP access rules.
Prevent 400 Errors in the Future
Here are some best practices to avoid bad request errors going forward:
- Use version control systems like Git when developing themes/plugins so you can easily roll back changes if something breaks.
- Implement 404 error handling so invalid URL requests redirect to a custom 404 page rather than a 400 error.
- Enable HTTP request and error logging in WordPress for easier debugging.
- Limit the use of .htaccess rules and redirects that modify requests and URLs.
- Use a site monitoring tool like Pingdom to quickly detect traffic spikes and errors.
- Cache common requests and pages to reduce load and strain on the server.
Following development best practices, keeping software updated, and proactively monitoring site traffic and errors can help avoid those pesky 400 bad request issues!
Conclusion
While 400 errors can be tricky to troubleshoot, they are typically fixable by tweaking plugin or .htaccess settings, updating outdated software, and debugging what specifically is malformed with the request.
Checking your site error logs and disabling plugins is a good starting point to isolate the culprit. If issues persist, don’t hesitate to open a support ticket with your host in case the problem is server-side. With a few targeted tweaks, you can get rid of frustrating 400 bad requests and restore seamless access for your site visitors.
