So let us take a guess, you tried to access your site and got hit by a notice saying that you don’t have the right permissions or that something is forbidden? That my friends is called a 403 forbidden error.
We know all errors are scary, and so is this one. But don’t worry everyone who uses the internet will come across this or some other error at one point.Got the #403 #ForbiddenError? Here are some quick fixes to help you remove it! Click To Tweet
Now, why is the 403 forbidden error so frustrating? Well let’s start by naming the most common situations in which people face this error:
- Logging onto a site
- Editing/viewing pages or posts
- During a WordPress installation
- During a site migration
As you can see, this error can happen in a bunch of unrelated situations and what’s even worse, it comes with an error message that isn’t that detailed and is usually something along the lines of access is denied, forbidden, not allowed to access, not authorized to view, etc.
Luckily for you, and everyone else facing the error, it’s pretty easy to troubleshoot and solve it. And that is exactly what we will teach you how to do in this article.
But in order to do that, we’ll first talk about what this error actually is and what it represents.
The Meaning of the 403 Forbidden Error
If you find yourself in the unfortunate situation of coming across this error, you’ll most likely see a message similar to the one displayed in the image above. To you as a non-technical person this doesn’t mean anything, so let’s break it down.
The 403 forbidden error is an HTTP status code that web servers use to communicate with a web browser. You seeing the error means that your web server understood the message from your web browser but cannot fulfill it. In other words, it means that what you want to do is possible, but you don’t have the proper permissions to make it happen for whatever reason.
Another thing to note is that sometimes the error might not occur in the form of a 403 status code. Instead, it can be presented in the form of an “Access denied” or “You don’t have the authorization to view this page” notice.
Why Does the 403 Forbidden Error Happen
Two causes are thought to be the most common culprits for this error and those are:
- Corrupt .htaccess file
- Incorrect file permissions
Besides that, it’s also possible that your site might have issues caused by plugins that are corrupted or blocking IP addresses.
Considering the fact that there are multiple causes, there will be multiple solutions as well, and let’s start exploring them, shall we?
How to Fix the 403 Forbidden Error
As with any error, before attempting to fix this one, you should definitely create a backup of your site. Having a backup will come in very handy if you mess something up or find yourself in an unfamiliar situation.
In some cases, your hosting provider will be making backups for you, but if they don’t, you can always use a backup plugin.
With that out of the way, let’s see what are the possible solutions.
1. Plugin Deactivation
As we have said earlier, this error could be caused by a faulty plugin, a too restrictive plugin, or a computability issue between two plugins. In any case, the fastest way to solve this is to deactivate all your plugins and then reactivate them one by one.
Once you do find the plugin that was causing the issue, you can then completely remove it, or maybe try updating it to see if that was the reason it was misbehaving.
The easiest way to deactivate plugins is of course not manually, but instead using the WP Reset plugin.
This plugin will come with a bunch of resetting tools ranging from a complete site reset to a partial site reset that will clear out either everything or just specific aspects of your site, your plugins for instance.
What’s even better, you’ll have the option of creating plugin and theme collections which you can then install in just a click after you have reset your site.
But these are just some of the features offered by the plugin. To learn about the rest, feel free to visit the plugin’s official website!
2. Fixing Corrupt .htaccess File
The .htaccess file is a very powerful configuration file used by the Apache webserver. Using it you can do lots of things such as setting up redirects, restricting access, and so on. But with great power comes great responsibly, meaning that the slightest error within the file can cause an issue. One of those issues being the 403 forbidden error.
Since the file is full of data that isn’t that easy to read, instead of trying to find the error within the file, it’s easier to generate a new one.
Generating a new file is done by:
- Connecting to your server via FTP
- Going into the root folder and finding the .htaccess file
- Downloading a copy of the file to your computer
- Deleting the .htaccess that is on your server
Now, to generate a new .htaccess file you have to:
- Go to your WordPress dashboard, then to Settings > Permalinks
- Click the Save Changes button
3. Fixing the File Permissions
If not one of the above-mentioned solutions helped you solve the 403 forbidden error, this means that the root of the error is file permissions. Why? Well using the file permission the server knows which users have which abilities (read, write, execute) and if they are wrong the server will assume you aren’t allowed to do one or all of these things.
Usually, these permissions work without an issue, but in some cases, they do get messed up for whatever reason and can cause the 403 forbidden error among others.
When it comes to fixing the permissions, it’s best you ask your hosting provider since there is a risk of you causing even more issues. But if you still want to do it on your own, this is how:
Connect to the site via an FTP client and navigate to the root folder. Right-click on wp-admin and select file permissions.
The file permissions should be displayed in a dialog box.
For your folders, the permissions should be 744 or 755. And for the files, they should be 640.
Also, make sure that the box next to “Recurse into subdirectories” is checked, as well as the option to “Apply to files only”. Then, you can click OK.
If the permissions were the source of the issue, after doing these steps, the 403 forbidden error should be gone.
4. Deactivate CDN Temporarily
To resolve it, simply disable the CND for a temporary amount of time.
5. Remove mod_security
Mod_security is an open-source firewall used by some servers. And in some cases, if it’s not configured properly, it can cause the 403 forbidden error.
Luckily, it’s easy to remove and can be done by contacting your hosting provider or by adding the code below to the top of your .htaccess file:
<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>
Now, check if the error is gone. If not, remove the code from the .htaccess file since it could lead to security issues.
Last Resort: Reach Out to Your Hosting Provider
If none of our advice worked for you, you still have one option. And that is, ask your hosting provider for help.
Don’t worry, they deal with this all the time so they should be able to assist you.
Hopefully, this article helped you understand the meaning and causes of the 403 forbidden error and also provided you with a solution for resolving it.
If anything wasn’t explained clearly enough, or you want to leave feedback, please do in the comments below!