Skip to content

Status Codes

Fresh

Reference for HTTP and MainWP-specific error codes.

HTTP Status Codes

Success (2xx)

CodeMeaningMainWP Context
200OKRequest succeeded
201CreatedResource created (site, client, tag)
204No ContentDeletion succeeded

Client Errors (4xx)

CodeMeaningMainWP Context
400Bad RequestInvalid parameters, missing required fields
401UnauthorizedInvalid API key, expired Application Password
403ForbiddenUser lacks required WordPress capability
404Not FoundResource doesn't exist (site_id, client_id, etc.)
405Method Not AllowedWrong HTTP method (GET vs POST)
409ConflictDuplicate resource (site URL already exists)
422Unprocessable EntityValidation failed (invalid URL format, etc.)
429Too Many RequestsRate limit exceeded

Server Errors (5xx)

CodeMeaningMainWP Context
500Internal Server ErrorPHP error, database issue
502Bad GatewayReverse proxy can't reach PHP
503Service UnavailableServer overloaded or in maintenance
504Gateway TimeoutRequest took too long (increase timeouts)

MainWP-Specific Error Codes

REST API v2 Errors

Error CodeDescriptionFix
mainwp_rest_invalid_api_keyAPI key missing or invalidGenerate new key in Dashboard → REST API Keys
mainwp_rest_forbiddenUser cannot perform actionCheck user capabilities
mainwp_rest_site_not_foundSite ID doesn't existVerify site_id with list endpoint
mainwp_rest_site_disconnectedSite not connectedReconnect the site
mainwp_rest_child_errorChild site returned errorCheck child site logs
mainwp_rest_timeoutChild site didn't respondIncrease timeout, check connectivity
mainwp_rest_invalid_paramParameter validation failedCheck parameter types and formats

Abilities API Errors

Error CodeHTTPDescription
ability_not_found404Ability slug doesn't exist
invalid_input400Input validation failed
missing_required_input400Required parameter not provided
unauthorized401Not authenticated
forbidden403Lacks required capability
confirmation_required400Destructive action needs confirm token
confirmation_expired400Confirm token older than 5 minutes
safe_mode_blocked403MAINWP_SAFE_MODE is enabled
rate_limited429Too many requests per minute
batch_queued202Operation queued (>200 sites)

MCP Server Errors

ErrorCauseFix
ECONNREFUSEDCan't reach DashboardCheck URL, firewall, DNS
401 UnauthorizedBad credentialsVerify username + Application Password
403 ForbiddenMissing capabilitiesUser needs admin role
SSL_ERRORCertificate issueFix cert or set MAINWP_SKIP_SSL_VERIFY=true
TIMEOUTRequest too slowIncrease MAINWP_REQUEST_TIMEOUT

Abilities API Error Response Format

json
{
  "code": "invalid_input",
  "message": "The field 'site_id' is required.",
  "data": {
    "status": 400,
    "field": "site_id",
    "expected": "integer"
  }
}

Abilities API Annotations

Responses may include annotations providing additional context:

AnnotationTypeDescription
infoInformationalHelpful context about the response
warningWarningPotential issue to be aware of
errorErrorSomething went wrong for specific items
suggestionSuggestionRecommended next action

Example:

json
{
  "results": [...],
  "annotations": [
    {
      "type": "warning",
      "message": "3 sites were unreachable during this operation"
    },
    {
      "type": "suggestion",
      "message": "Run sync on unreachable sites before retrying"
    }
  ]
}

Rate Limiting

REST API v2

SettingDefault
Requests per minuteNo hard limit (server-dependent)
Concurrent connectionsServer-dependent

Abilities API

SettingDefaultConfigurable
Requests per minute60MAINWP_RATE_LIMIT env var
Burst allowance10Not configurable

Rate Limit Response Headers

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1234567890
Retry-After: 30