Nothing while in the spec says otherwise, and infrequently You cannot use a 401 in that circumstance due to the fact returning a 401 is barely lawful if you include things like a WWW-Authenticate header. This is often an action known as wardriving. As soon as hackers are linked to http://pigpgs.com