Since you are reading this, it means you recently have come across an error message saying 403 Forbidden – you don’t have permission to access ‘/’ on this server’. And most likely, you don’t have an idea about this error. Well, don’t worry! This is a quite commonly occurring error that many webmasters face.
It is worth to mention that 403 errors might differ depending on different circumstances. Also, this error can also occur due to a few changes that your hosting company might have made in their system or due to the implementation of some updates.
What is the 403 Forbidden Error?
Prior to going into deep and try to fix the 403 Forbidden Error, let’s first learn what it actually is. Basically, a 403 forbidden error is an HTTP status code. When you get this error message, you are basically trying to reach an address or a website that isn’t allowed to access.
Below are examples of some these errors that are commonly thrown:
- Forbidden: You don’t have permission to access [directory] on this server
- HTTP Error 403 – Forbidden
- 403 forbidden request forbidden by administrative rules
- 403 Forbidden
- Access Denied You don’t have permission to access
So, what causes these errors to occur?
Causes of 403 Forbidden Error
If you get a 403 Error message in between the development, it might disturb your work. The basic reason for this error is that you are accessing something that you don’t have the permission to. When your website throws a 403 forbidden error, it states that you don’t have the permissions to proceed further.
This error is basically due to:
- Incorrect file or folder permissions
- Incorrect settings in the .htaccess file
So, let’s take a quick look at how you can make it disappear.
Fixing the Error 403 Forbidden Message
Since you have learned the various factors causing the error, let’s now check how to get rid of it. The steps mentioned in this article are mainly for WordPress, but are applicable to other websites as well. Let’s go through them as below:
Method 1 – Checking .htaccess File
You might not know about the .htaccess file. This is because the file often it is hidden in the project directory. But, if you are using MilesWeb File Manager, you will able to see .htaccess by default.
In other cases, for instance, if you are using cPanel, access your hosting control panel with the help of File Manager to check the .htaccess file. Let’s go through the below steps:
- Go to the File Manager in your cPanel.
- In the public_html directory, find for .htaccess file.
- In case there isn’t any .htaccess file available, click on Settings and enable Show Hidden Files (dotfiles) option.
The .htaccess file is a server configuration file and mainly works by altering the configuration on the Apache Web Server settings.
The .htaccess file is present in almost all WordPress websites, but in some rare events, when your website doesn’t have a .htaccess file or is deleted unintentionally, you need to create a .htaccess file manually.
Please refer to this article: How To Edit A .htaccess File via the File Manager?
But, if this doesn’t solve the issue, go to the next step.
Method 2 – Resetting File and Directory Permissions
The next reason for encountering a 403 Error Forbidden message is bad permissions for your files or folders.
Generally, the files created come with certain default permissions. With these, you can control how you can read, write and execute the files for your use.
A FileZilla FTP client also offers all you need to edit file and folder permissions. Follow the below steps:
- Using any FTP client, access your website files.
- Go to the root directory of your hosting account.
- Choose the main folder containing all your website files (usually it’s public_html), right-click on it and click on File Permissions.
- Check the box of Apply to directories only, enter permission 755 in the numeric value field and click OK.
- Once FileZilla changes the folder permissions repeat the step 3, but this time select the apply to files only option and enter 644 in the numeric value field.
- After doing this, access your website now, and check if the error is solved.
In case, if nothing seems to happen, you can move onto the next step.
Method 3 – Disabling WordPress Plugins
If you have come till this step, it indicates that the error might have occurred due to an incompatible or faulty plugin.
In this step, you will learn to disable plugins to see if it fixes the 403 Forbidden Error.
It would be best to disable all the plugins at once instead of disabling them individually. With this step, you would be able to find the problem and work towards a solution. Here is what you have to do:
- Using FTP, access your hosting account and look for the public_html folder (or folder containing your WordPress installation files).
- Find the wp-content folder on the page.
- Search for the Plugins folder, and rename it to something different like ‘disabled-plugins’ for you to track.
Please refer to this article: How to Disable Plugins in WordPress?
After disabling all the plugins, try accessing your website again. Is your error resolved? If yes, a problematic plugin was the actual source of error. Then try deactivating plugins one by one, and check if your website is working normal now. In this way, you will be able to find the faulty plugin.
You can then select to update the plugin, if it is important or install a new one.
Method 4 – Disabling ModSecurity
ModSecurity is a web application firewall (WAF) deployed for web servers to secure them. It has Core Rule Set (CRS) to screen suspicious server requests.
These rules detect any malicious codes and malware that hackers may use for code injections. It corrupts the website scripts after entering the server and takes control over it.
The problem arises when the requests match against these rules. It will cause the 403 error and deny access to the user. If that is the case, the only way to do it is to temporarily disable the ModSecurity application and check if the issue rests with it or not.
Please refer to these articles:
How to Disable ModSecurity via cPanel?
How to Disable ModSecurity via DirectAdmin?
We recommend you do not keep the application disabled for too long. So, the next thing you do is contact your hosting provider to help you with it.
After following the above methods, you can resolve the 403 forbidden error. We know that this error is irritating, and won’t allow you to access your website. However, follow the above-mentioned steps one by one, and we’re sure, you’ll be able to bring your website in action.
Steps to Disable WordPress Plugins Without Accessing the WP – Admin