451 Unavailable For Legal Reasons
Usage
The 451 Unavailable For Legal Reasons status code does not confirm or deny the existence of the resource. The server refuses access due to a legal demand and is permitted to state as much.
The resource is blocked due to censorship. This HTTP status code pays homage to the Ray Bradbury novel Fahrenheit 451.
Examples of where the 451 Unavailable For Legal Reasons response applies depend on the laws of the country of access. Common cases include copyright infringement, privacy violations, and gambling sites. Any situation involving a court order, such as a publication ban, warrants this code. The 403 response is the more general version of the error.
The transparency of this code allows third-party collection of statistics related to the number and categories of sites taken down due to censorship.
In some cases, clients access resources through alternative methods. A VPN or the Tor network shrouds the point of origin, and a proxy server redirects browser traffic to another country.
As part of the response, the server includes a Link header identifying the party blocking the request. This is the group responsible for blocking the content, not the group mandating the block. Information about the policy-setter goes in the message body.
Microsoft Exchange ActiveSync Usage
The 451 Redirect error message means the client connects to the wrong server. Either the user’s mailbox is inaccessible from this server, or a more efficient server exists.
When the response includes an X-MS-Location header, subsequent requests use the address in the header. Without the X-MS-Location header, the full Autodiscover process runs.
Example
A client requests a resource and the server responds with 451 Unavailable For Legal Reasons. The Link header identifies the entity responsible for blocking the content.
Request
GET /tech-trial-updates HTTP/1.1
Host: example.com
Response
HTTP/1.1 451 Unavailable For Legal Reasons
Link: <https://example.com/legaldept>; rel="blocked-by"
Content-Type: text/html
Content-Length: 174
<html>
<head>
<title>Publication Ban</title>
</head>
<body>
<p>The requested content is unavailable due
to a government-ordered publication ban.</p>
</body>
</html>
How to fix
No technical fix exists on the client side. The server blocks access because a legal demand requires the restriction. The resource itself remains intact on the server but is not served.
Read the Link header in the response. The rel=“blocked-by” relation identifies the entity enforcing the block (ISP, DNS provider, or hosting platform), not the legal authority mandating the block. Contact the blocking entity for details about the demand.
Read the response body for an explanation of the legal basis, the party making the demand, and the applicable legislation or regulation. Servers are recommended to include this information.
Access from a different geographic region bypasses region-specific legal blocks in some cases. A VPN or the Tor network routes requests through a jurisdiction where the restriction does not apply.
For server operators
Return the Link header with rel=“blocked-by” pointing to the entity responsible for enforcing the block:
Link: <https://legal.example.re>; rel="blocked-by"
Include a clear explanation of the legal demand in the response body: the specific law, the demanding authority, and the classes of content or persons affected.
Set appropriate Caching headers. Add Cache-Control: no-store if the legal status of the resource changes frequently.
For Microsoft Exchange ActiveSync
A 451 Redirect from Exchange means the client connected to the wrong server. Check the X-MS-Location header in the response and redirect subsequent requests to the address specified. Without an X-MS-Location header, re-run the full Autodiscover process to locate the correct mailbox server.
Code references
.NET
HttpStatusCode.UnavailableForLegalReasons
Rust
http::StatusCode::UNAVAILABLE_FOR_LEGAL_REASONS
Rails
:unavailable_for_legal_reasons
Go
http.StatusUnavailableForLegalReasons
Symfony
Response::HTTP_UNAVAILABLE_FOR_LEGAL_REASONS
Python3.5+
http.HTTPStatus.UNAVAILABLE_FOR_LEGAL_REASONS
Apache HttpComponents Core
org.apache.hc.core5.http.HttpStatus
.SC_UNAVAILABLE_FOR_LEGAL_REASONS
Angular
@angular/common/http/HttpStatusCode
.UnavailableForLegalReasons