{"id":12816,"date":"2021-08-31T11:00:00","date_gmt":"2021-08-31T11:00:00","guid":{"rendered":"https:\/\/www.hostinger.com\/tutorials\/?p=12816"},"modified":"2026-04-28T13:46:36","modified_gmt":"2026-04-28T13:46:36","slug":"how-to-solve-403-forbidden-error","status":"publish","type":"post","link":"\/ng\/tutorials\/how-to-solve-403-forbidden-error","title":{"rendered":"How to fix the 403 Forbidden error (13 simple methods)"},"content":{"rendered":"<p>A <strong>403 Forbidden error<\/strong> is an HTTP status code that means the server understands your request but refuses to authorize access, usually due to permission or configuration issues.<\/p><p>The 403 Forbidden error appears in many forms depending on your browser and the server software your site runs on. Common variants include:<\/p><ul class=\"wp-block-list\">\n<li>403 Forbidden<\/li>\n\n\n\n<li>HTTP Error 403 &ndash; Forbidden<\/li>\n\n\n\n<li>Access Denied &ndash; You don&rsquo;t have permission to access [resource] on this server<\/li>\n\n\n\n<li>403 Forbidden &ndash; nginx<\/li>\n\n\n\n<li>403 Forbidden &ndash; openresty\/1.27.1.1 (or similar version string)<\/li>\n\n\n\n<li>403 Forbidden: Access to this resource on the server is denied!<\/li>\n\n\n\n<li>HTTP\/1.1 403 Forbidden<\/li>\n\n\n\n<li>Error 403 (Forbidden)!! Access is denied<\/li>\n\n\n\n<li>Forbidden: You don&rsquo;t have permission to access [directory] on this server<\/li>\n<\/ul><p>All of these are the same underlying error and are fixed by the same set of methods, but the message string can help you identify the server software involved and where to start troubleshooting.<\/p><p>\n\n\n\n<\/p><h2 class=\"wp-block-heading\" id=\"h-tldr\">TL;DR<\/h2><ul class=\"wp-block-list\">\n<li><strong>What is a 403 Forbidden error?<\/strong> An HTTP status code indicating that the server understood the request but refuses to authorize it.<\/li>\n\n\n\n<li><strong>Is it client-side or server-side?<\/strong> It is primarily a server-side issue, though it can be triggered by client-side problems like a corrupted cache or VPN.<\/li>\n\n\n\n<li><strong>What are the most common causes?<\/strong> Incorrect file permissions, a corrupted .htaccess file, or a misconfigured plugin are the most frequent causes.<\/li>\n\n\n\n<li><strong>How do I fix it?<\/strong> Start with client-side checks like clearing cache or disabling VPN, then move to server-side fixes such as resetting permissions or restoring configuration files.<\/li>\n<\/ul><figure tabindex=\"0\" class=\"wp-block-table is-style-regular\"><table class=\"has-fixed-layout\"><thead><tr><th>Status code<\/th><th>What it means<\/th><\/tr><\/thead><tbody><tr><td><strong>200 OK<\/strong><\/td><td>The request succeeded. You&rsquo;re in.<\/td><\/tr><tr><td><strong>401 Unauthorized<\/strong><\/td><td>You haven&rsquo;t logged in or your credentials are missing or invalid. Authentication will fix it.<\/td><\/tr><tr><td><strong>403 Forbidden<\/strong><\/td><td>You&rsquo;re authenticated, but the server still refuses access. Authentication won&rsquo;t fix it; you lack permission for this specific resource.<\/td><\/tr><tr><td><strong>404 Not Found<\/strong><\/td><td>The resource doesn&rsquo;t exist at all.<\/td><\/tr><\/tbody><\/table><\/figure><h2 class=\"wp-block-heading\" id=\"h-how-to-fix-403-forbidden-as-a-website-owner\"><strong>How to fix 403 Forbidden as a website owner<\/strong><\/h2><h3 class=\"wp-block-heading\" id=\"h-1-clear-your-browser-cache-and-cookies\">1. Clear your browser cache and cookies<\/h3><p>Browser cache stores outdated files, which can conflict with updated site permissions and trigger a 403 error. Cookies save login and preference data, and when they become corrupted or outdated, they may block access to some pages.<\/p><p>First, <a href=\"\/ng\/tutorials\/clear-browser-cache\">clear your browser cache<\/a> and cookies to remove any conflicting or outdated data. This forces the browser to fetch fresh files from the server, which can resolve access issues &ndash; though you&rsquo;ll need to log in again to most sites afterward.<\/p><p>Here&rsquo;s how to do it in Google Chrome (similar steps apply to Firefox and Safari):<\/p><ol class=\"wp-block-list\">\n<li>Click the three-dot icon in the top-right corner and select <strong>Settings<\/strong>.<\/li>\n\n\n\n<li>Go to <strong>Privacy and security<\/strong> &rarr; <strong>Delete browsing data<\/strong>.<\/li>\n\n\n\n<li>In the time range menu, choose <strong>All time<\/strong>.<\/li>\n\n\n\n<li>Check <strong>Cookies and other site data<\/strong> and <strong>Cached images and files<\/strong>.<\/li>\n\n\n\n<li>Click <strong>Delete data<\/strong> to remove them.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3d97e9\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"986\" height=\"934\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/10\/The-options-to-delete-browsing-history-cache-files-and-cookies-in-Chrome.png\/public\" alt=\"The Delete browsing data dialog in Google Chrome\" class=\"wp-image-118977\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/10\/The-options-to-delete-browsing-history-cache-files-and-cookies-in-Chrome.png\/w=986,fit=scale-down 986w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/10\/The-options-to-delete-browsing-history-cache-files-and-cookies-in-Chrome.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/10\/The-options-to-delete-browsing-history-cache-files-and-cookies-in-Chrome.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/10\/The-options-to-delete-browsing-history-cache-files-and-cookies-in-Chrome.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 986px) 100vw, 986px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>After clearing cache and cookies, revisit the website and try logging in to see if the 403 Forbidden error is resolved.<\/p><h3 class=\"wp-block-heading\" id=\"h-2-temporarily-disable-vpn\">2. Temporarily disable VPN<\/h3><p>A virtual private network (VPN) routes your connection through remote servers. However, some websites block these servers for security or regional compliance, often resulting in a 403 error.<\/p><p>Temporarily disable your VPN and try accessing the website again. If this resolves the issue, switch to a different VPN server or contact your VPN provider for guidance.<\/p><p>If these simple checks don&rsquo;t solve the problem, move on to the next steps, which involve checking your website&rsquo;s security.<\/p><h3 class=\"wp-block-heading\" id=\"h-3-scan-for-malware\">3. Scan for malware<\/h3><p>Malware can insert harmful code into your website&rsquo;s files. This can change permissions or configuration rules, leading to restricted access and a 403 Forbidden response.<\/p><p>Scan your website for malware to identify and remove any harmful code. On <a href=\"\/ng\/web-hosting\">Hostinger web hosting plans<\/a>, you can use the built-in <strong>Malware Scanner<\/strong> in hPanel without third-party tools:<\/p><ol class=\"wp-block-list\">\n<li>Go to your website&rsquo;s dashboard, then select<strong> Security &rarr; Malware Scanner<\/strong> from the left sidebar.<\/li>\n\n\n\n<li>If no malware is found, you&rsquo;ll see your hosting plan&rsquo;s name and the time since the last scan.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3db31e\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2074\" height=\"1064\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/public\" alt=\"The Malware Scanner feature in hPanel\" class=\"wp-image-132423\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=2074,fit=scale-down 2074w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-security-malware-scanner.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2074px) 100vw, 2074px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"3\" class=\"wp-block-list\">\n<li>Otherwise, the tool will list the infected files and the actions taken to clean them.<\/li>\n<\/ol><p>For additional protection, use reputable <a href=\"\/ng\/tutorials\/wordpress-malware-scanner-plugins\">WordPress malware scanner plugins<\/a> like <strong>Wordfence<\/strong> or <strong>Solid Security<\/strong>. These tools detect threats in real time and block suspicious activity before it can cause further issues.<\/p><p>If the scan reveals infections, clean or replace the affected files, then recheck your site to confirm the 403 error is gone.<\/p><?xml encoding=\"utf-8\" ?><figure class=\"wp-block-image size-full\"><a class=\"hgr-tutorials-cta hgr-tutorials-cta-web-hosting\" href=\"\/ng\/web-hosting\" target=\"_blank\" rel=\"noreferrer noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"300\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/11\/Web-hosting_in-text-banner.png\/public\" alt=\"Hostinger web hosting banner\" class=\"wp-image-98604\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/11\/Web-hosting_in-text-banner.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/11\/Web-hosting_in-text-banner.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/11\/Web-hosting_in-text-banner.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/11\/Web-hosting_in-text-banner.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure><h3 class=\"wp-block-heading\" id=\"h-4-disable-wordpress-plugins\">4. Disable WordPress plugins<\/h3><p>Faulty or incompatible WordPress plugins may override permission settings. When this happens, affected pages can become inaccessible and return a 403 Forbidden error.<\/p><p>Disable your WordPress plugins to determine if one is causing the issue. You can do this from your WordPress dashboard or <a href=\"https:\/\/support.hostinger.com\/en\/articles\/4411258-how-to-disable-wordpress-plugins-without-access-to-the-admin-page\">directly in hPanel<\/a> if you&rsquo;re a Hostinger customer:<\/p><ol class=\"wp-block-list\">\n<li>From your website&rsquo;s dashboard, go to <strong>WordPress &rarr; Security<\/strong>.<\/li>\n\n\n\n<li>Scroll down to the <strong>Installed plugins<\/strong> section.<\/li>\n\n\n\n<li>Toggle each plugin off individually and check your site after each change.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3dd453\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2090\" height=\"1274\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/public\" alt=\"The Installed plugins section in hPanel\" class=\"wp-image-132425\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=2090,fit=scale-down 2090w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-wordpress-security-installed-plugins.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2090px) 100vw, 2090px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>If you prefer a manual method, you can disable all plugins at once via the file manager or an FTP client:<\/p><ol class=\"wp-block-list\">\n<li>Navigate to the <strong>wp-content<\/strong> folder in <strong>public_html<\/strong>.<\/li>\n\n\n\n<li>Rename the <strong>plugins<\/strong> folder to <strong>disabled-plugins<\/strong>. This will deactivate all plugins simultaneously.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3dea3e\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1009\" height=\"352\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-disabledplugins.png\/public\" alt=\"Hostinger File Manager highlights the disabled-plugins directory\" class=\"wp-image-100204\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-disabledplugins.png\/w=1009,fit=scale-down 1009w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-disabledplugins.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-disabledplugins.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-disabledplugins.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 1009px) 100vw, 1009px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"3\" class=\"wp-block-list\">\n<li>Check your website. If the error is gone, one of the plugins is the culprit.<\/li>\n\n\n\n<li>Rename the folder back to <strong>plugins<\/strong> to reactivate them.<\/li>\n\n\n\n<li>From your WordPress dashboard, deactivate plugins one by one to identify the problematic one.<\/li>\n<\/ol><p>Once you&rsquo;ve found the plugin causing the error, update it or remove it entirely.<\/p><p>If security-related fixes don&rsquo;t work, the next steps address server configurations and file settings.<\/p><h3 class=\"wp-block-heading\" id=\"h-5-temporarily-disable-cdn\">5. Temporarily disable CDN<\/h3><p>A <a href=\"\/ng\/tutorials\/what-is-cdn\">content delivery network (CDN)<\/a> stores cached copies of your site across multiple servers, and outdated or misconfigured cache can lead to a 403 status code.<\/p><p>If your website uses a CDN, temporarily turn it off to check if it&rsquo;s serving the error instead of your origin server. Hostinger automatically enables the <strong>in-house CDN<\/strong> for the <strong>Business<\/strong> web hosting plan and above. To disable it in hPanel:<\/p><ol class=\"wp-block-list\">\n<li>Go to <strong>Performance &rarr; CDN<\/strong>.<\/li>\n\n\n\n<li>In the CDN status section, hit <strong>Disable<\/strong>.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3dff21\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2096\" height=\"414\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/public\" alt=\"The Disable button in the CDN menu of hPanel\" class=\"wp-image-132426\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=2096,fit=scale-down 2096w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-performance-cdn-disable-highlighted.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2096px) 100vw, 2096px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"3\" class=\"wp-block-list\">\n<li>If this resolves the problem, keep the CDN disabled temporarily and contact our support for further troubleshooting.<\/li>\n<\/ol><h3 class=\"wp-block-heading\" id=\"h-6-restore-the-htaccess-file\">6. Restore the .htaccess file<\/h3><p>A corrupted or misconfigured <strong>.htaccess<\/strong> file can apply incorrect server rewrite or access rules, blocking visitors and returning a 403 Forbidden error.<\/p><p>If recent changes or malware have altered your <strong>.htaccess<\/strong> file, replace it with a clean version. If you&rsquo;re using Hostinger, you can <a href=\"\/ng\/tutorials\/locate-and-create-htaccess\">create a new .htaccess file<\/a> through hPanel&rsquo;s File Manager:<\/p><ol class=\"wp-block-list\">\n<li>Go to <strong>Files &rarr; File Manager<\/strong> in your website dashboard.<\/li>\n\n\n\n<li>Open the <strong>public_html<\/strong> directory and locate the <strong>.htaccess<\/strong> file.<\/li>\n\n\n\n<li>Right-click the file and select <strong>Download<\/strong> to create a backup.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e18a1\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"826\" height=\"430\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-download-1.png\/public\" alt=\"The Download option in hPanel's File Manager\" class=\"wp-image-100195\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-download-1.png\/w=826,fit=scale-down 826w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-download-1.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-download-1.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-download-1.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 826px) 100vw, 826px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"4\" class=\"wp-block-list\">\n<li>Delete the current <strong>.htaccess<\/strong> file.<\/li>\n\n\n\n<li>Click <strong>New file<\/strong> and name it <strong>.htaccess<\/strong> without any extensions.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e2c74\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"616\" height=\"372\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-newfile.png\/public\" alt=\"The CREATE button in hPanel's File Manager\" class=\"wp-image-100196\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-newfile.png\/w=616,fit=scale-down 616w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-newfile.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/hostinger-filemanager-newfile.png\/w=150,fit=scale-down 150w\" sizes=\"auto, (max-width: 616px) 100vw, 616px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"6\" class=\"wp-block-list\">\n<li>Paste the following default code and save the file:<\/li>\n<\/ol><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># Enable URL Rewriting\nRewriteEngine On\n# Rewrite rule to redirect requests to index.php\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\nRewriteRule ^(.*)$ index.php?\/$1 [L]<\/pre><p>For WordPress websites, you can also regenerate the file without using File Manager:<\/p><ol class=\"wp-block-list\">\n<li>Log in to your WordPress dashboard.<\/li>\n\n\n\n<li>Go to <strong>Settings &rarr; Permalinks<\/strong>.<\/li>\n\n\n\n<li>Hit <strong>Save Changes<\/strong> without modifying any settings.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e41cd\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"900\" height=\"216\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/wordpress-permalinks.png\/public\" alt=\"WordPress Permalinks section highlights the Save Changes button\" class=\"wp-image-100197\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/wordpress-permalinks.png\/w=900,fit=scale-down 900w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/wordpress-permalinks.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/wordpress-permalinks.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/wordpress-permalinks.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 900px) 100vw, 900px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>After restoring <strong>.htaccess<\/strong>, try accessing your site again. If the error disappears, the file was likely the cause.<\/p><h3 class=\"wp-block-heading\" id=\"h-7-reset-file-and-directory-permissions\">7. Reset file and directory permissions<\/h3><p>File permissions control access to your website&rsquo;s data. When a file is too restrictive, the server blocks access for security reasons, resulting in a 403 Forbidden error.<\/p><p>If your file permissions are incorrect, you can easily reset them in just one click using Hostinger&rsquo;s built-in <strong>Fix File Ownership<\/strong> tool:<\/p><ol class=\"wp-block-list\">\n<li>In hPanel, search for <strong>Fix File Ownership<\/strong>.<\/li>\n\n\n\n<li>Select the checkbox to confirm and hit <strong>Execute<\/strong>. The tool will automatically set default permissions for all website files and folders.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e5843\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2108\" height=\"624\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/public\" alt=\"The Fix File Ownership menu in hPanel\" class=\"wp-image-132428\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=2108,fit=scale-down 2108w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-advanced-fix-file-ownership.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2108px) 100vw, 2108px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>Alternatively, you can reset file permissions manually using an <a href=\"\/ng\/tutorials\/filezilla-ftp-configuration\">FTP client like FileZilla<\/a>:<\/p><ol class=\"wp-block-list\">\n<li>Connect FileZilla to your website.<\/li>\n\n\n\n<li>Right-click the <strong>public_html<\/strong> directory and select <strong>File Attributes<\/strong>.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e6f4e\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"566\" height=\"330\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes.png\/public\" alt=\"FileZilla FTP highlights the File Attributes option\" class=\"wp-image-100199\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes.png\/w=566,fit=scale-down 566w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes.png\/w=150,fit=scale-down 150w\" sizes=\"auto, (max-width: 566px) 100vw, 566px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"3\" class=\"wp-block-list\">\n<li>In the <strong>Numeric value<\/strong> field, enter <strong>755<\/strong> for directories. This lets the owner read, write, and execute the file but prevents others from modifying it.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e85e4\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"534\" height=\"421\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-755.png\/public\" alt=\"FileZilla FTP highlights the numeric value field in the Change file attributes popup, giving the directory file permissions 755\" class=\"wp-image-100200\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-755.png\/w=534,fit=scale-down 534w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-755.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-755.png\/w=150,fit=scale-down 150w\" sizes=\"auto, (max-width: 534px) 100vw, 534px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"4\" class=\"wp-block-list\">\n<li>Select <strong>Apply to directories only<\/strong>, then hit <strong>OK<\/strong>.<\/li>\n\n\n\n<li>For files, repeat the process, entering <strong>644<\/strong> for the <strong>Numeric value<\/strong> and selecting <strong>Apply to files only<\/strong>. This gives the owner read and write access, while others can only read.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3e9f52\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"534\" height=\"421\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-644.png\/public\" alt=\"FileZilla FTP highlights the numeric value field in the Change file attributes popup, giving the directory file permissions 644\" class=\"wp-image-100201\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-644.png\/w=534,fit=scale-down 534w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-644.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2023\/12\/ftp-fileattributes-644.png\/w=150,fit=scale-down 150w\" sizes=\"auto, (max-width: 534px) 100vw, 534px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>Once you&rsquo;ve applied the correct permissions, revisit your site to confirm if the 403 error disappears.<\/p><h3 class=\"wp-block-heading\" id=\"h-8-edit-file-ownership\">8. Edit File Ownership<\/h3><p>In Linux and VPS hosting environments, the ownership settings decide which users can modify or execute files. If ownership is incorrectly assigned, you may be denied access to certain resources, causing a 403 error.<\/p><p>This fix is more technical, as it requires using SSH to connect to your server and running Linux commands. Follow these steps to check and <a href=\"\/ng\/tutorials\/how-to-change-linux-permissions-and-owners\">adjust file ownership in Linux<\/a>:<\/p><ol class=\"wp-block-list\">\n<li>Connect to your server using an <a href=\"\/ng\/tutorials\/how-to-use-putty-ssh\">SSH client like PuTTY<\/a>.<\/li>\n\n\n\n<li>To check the ownership of a file, run:<\/li>\n<\/ol><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">ls -l [file name]<\/pre><p>The output will look like this:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">-rwxrw-rw- 1 [owner][group] 22 Sep 22 10:00 filename.txt<\/pre><ol start=\"3\" class=\"wp-block-list\">\n<li><strong>Owner<\/strong> and <strong>group<\/strong> should match your hosting account&rsquo;s username. If not, use the <strong>chown<\/strong> command to fix it:<\/li>\n<\/ol><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">chown [owner][:group] [file name]<\/pre><p>For example, if your username is <strong>John<\/strong>, use:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">chown John filename.txt<\/pre><h3 class=\"wp-block-heading\" id=\"h-9-upload-an-index-page\">9. Upload an index page<\/h3><p>If your website lacks an index page<span style=\"margin: 0px;padding: 0px\">&nbsp;(e.g.,&nbsp;<strong>index.html<\/strong>&nbsp;or<strong>&nbsp;index.php)<\/strong><\/span>, users may receive a 403 Forbidden error when trying to access it.<\/p><p>This occurs because the web server expects an index page to load by default, and without one, the server blocks access.<\/p><p>First, check if your homepage is named <strong>index.html<\/strong> or<strong> index.php<\/strong>. If not, rename it through your FTP client or file manager.<\/p><p>If the index page is missing, create one. Here&rsquo;s how:<\/p><ol class=\"wp-block-list\">\n<li>Access your website&rsquo;s directory.<\/li>\n\n\n\n<li>Upload or create an <strong>index.html<\/strong> or <strong>index.php<\/strong> file inside the <strong>public_html<\/strong> directory.<\/li>\n\n\n\n<li>After uploading, try visiting your website again to verify that it now loads the homepage correctly.<\/li>\n<\/ol><p>If you&rsquo;re still facing issues, we have two more troubleshooting steps involving domain-related configurations that you can try.<\/p><h3 class=\"wp-block-heading\" id=\"h-10-verify-the-a-record\">10. Verify the A record<\/h3><p>The A record is a type of <a href=\"\/ng\/tutorials\/what-is-dns\">Domain Name System (DNS)<\/a> record that maps your domain to the correct IP address. If your domain&rsquo;s A record points to the wrong IP, users may be denied access to your website. This leads to a 403 Forbidden response.<\/p><p>If you host your website with Hostinger, first find your site&rsquo;s IP address by going to <strong>hPanel &rarr; Hosting Plan &rarr; Plan Details<\/strong>.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3ebca4\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"1088\" height=\"594\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/public\" alt=\"The website's IP address information in hPanel\" class=\"wp-image-132430\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/w=1088,fit=scale-down 1088w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-websites-hosting-plan-details-ip-address-highlighted.png\/w=768,fit=scale-down 768w\" sizes=\"auto, (max-width: 1088px) 100vw, 1088px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>Then, <a href=\"\/ng\/tutorials\/how-to-check-if-domain-a-record-is-pointed-correctly\">check if your domain&rsquo;s A record is pointed correctly<\/a> by following these steps:<\/p><ol class=\"wp-block-list\">\n<li>Navigate to <strong>Advanced &rarr; DNS Zone Editor<\/strong>.<\/li>\n\n\n\n<li>Locate the A records by scanning the <strong>Type<\/strong> column.<\/li>\n\n\n\n<li>Examine the IP addresses listed in the <strong>Content<\/strong> column.<\/li>\n\n\n\n<li>If the A record doesn&rsquo;t point to the correct IP address, click <strong>Edit<\/strong> to modify it, then click <strong>Update<\/strong>.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3ed801\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2168\" height=\"736\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/public\" alt=\"An A record in hPanel\" class=\"wp-image-132431\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=2168,fit=scale-down 2168w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-a-highlighted.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2168px) 100vw, 2168px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p>Please note that editing the A record may affect the services or subdomains using it.<\/p><p>If this doesn&rsquo;t resolve the error or causes disruptions, consider creating a new A record instead:<\/p><ol class=\"wp-block-list\">\n<li>In the same <strong>DNS \/ Nameserver<\/strong> page, scroll up to the <strong>Manage DNS records<\/strong> section.<\/li>\n\n\n\n<li>Select <strong>A<\/strong> for the <strong>Type<\/strong>, then enter the correct IP address in the <strong>Points to<\/strong> field.<\/li>\n\n\n\n<li>Click <strong>Add Record<\/strong> to create the new A record.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3ef540\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2080\" height=\"370\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/public\" alt=\"The Manage DNS records section in hPanel\" class=\"wp-image-132434\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=2080,fit=scale-down 2080w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-manage-dns-records.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2080px) 100vw, 2080px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><h3 class=\"wp-block-heading\" id=\"h-11-update-nameservers\">11. Update nameservers<\/h3><p>When you change hosting providers, your domain&rsquo;s DNS records need to be updated to point to the correct nameservers. If you skip this step, users will still be directed to your old host, which leads to access issues like the 403 Forbidden error.<\/p><p>If you register your domain at Hostinger, here&rsquo;s how to <a href=\"\/ng\/tutorials\/how-to-change-domain-nameservers\">update your domain&rsquo;s nameservers<\/a>:<\/p><ol class=\"wp-block-list\">\n<li>Go to <strong>Domains &rarr; Domain portfolio &rarr; Manage<\/strong> next to your domain.<\/li>\n\n\n\n<li>Select <strong>DNS \/ Nameservers &rarr; DNS records<\/strong>.<\/li>\n\n\n\n<li>Choose <strong>Use Hostinger nameservers (recommended)<\/strong> if your website is with Hostinger, or <strong>Change nameservers<\/strong> if you host your site elsewhere.<\/li>\n\n\n\n<li>Fill in the correct nameserver details, then hit <strong>Save<\/strong>.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69f516f3f0e92\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-full wp-lightbox-container\"><img loading=\"lazy\" decoding=\"async\" width=\"2116\" height=\"1352\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/public\" alt=\"The Select Nameservers options in hPanel\" class=\"wp-image-132433\" srcset=\"https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=2116,fit=scale-down 2116w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=300,fit=scale-down 300w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=1024,fit=scale-down 1024w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=150,fit=scale-down 150w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=768,fit=scale-down 768w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=1536,fit=scale-down 1536w, https:\/\/imagedelivery.net\/LqiWLm-3MGbYHtFuUbcBtA\/wp-content\/uploads\/sites\/2\/2021\/08\/hpanel-domain-portfolio-dns-nameservers-dns-records-selected.png\/w=2048,fit=scale-down 2048w\" sizes=\"auto, (max-width: 2116px) 100vw, 2116px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><h3 class=\"wp-block-heading\">12. Disable or check hotlink protection<\/h3><p><strong>Hotlink protection prevents other websites from embedding your files, but a misconfigured rule can block your own domain and trigger 403 errors.<\/strong><\/p><p>This issue usually appears when <strong>images (JPG, PNG, WebP) return a 403 error while the rest of the website loads normally<\/strong>. That&rsquo;s a strong signal that hotlink protection is incorrectly configured.<\/p><p>First, check your hotlink protection settings in your hosting control panel. On Hostinger, go to <strong>Files &rarr; Hotlink Protection<\/strong> and verify that your domain is properly allowlisted. Add all common variations:<\/p><ul class=\"wp-block-list\">\n<li><code>yourdomain.com<\/code><\/li>\n\n\n\n<li><code>www.yourdomain.com<\/code><\/li>\n\n\n\n<li>both <strong>http<\/strong> and <strong>https<\/strong> versions<\/li>\n<\/ul><p>If any version is missing, your own site requests may be blocked.<\/p><p>If you&rsquo;re using <code>.htaccess<\/code>, look for rules like:<\/p><pre class=\"wp-block-preformatted\">RewriteEngine on<br>RewriteCond %{HTTP_REFERER} !^$<br>RewriteCond %{HTTP_REFERER} !^https?:\/\/(www.)?yourdomain.com [NC]<br>RewriteRule .(jpg|jpeg|png|gif|webp)$ - [F]<\/pre><p>Make sure your domain is included in the allowlist condition. Otherwise, remove or update the rule.<\/p><p>If you use Cloudflare, check <strong>Scrape Shield &rarr; Hotlink Protection<\/strong> and temporarily disable it to confirm whether it&rsquo;s causing the issue.<\/p><p>After making changes, clear your browser cache and test image URLs directly. If they load correctly, the 403 error was caused by hotlink protection.<\/p><h3 class=\"wp-block-heading\">13. Check whether your IP address is blocked<\/h3><p><strong>If you see a 403 error while others can access the site normally, your IP address is likely blocked by a firewall, security plugin, or server rule.<\/strong><\/p><p>This type of 403 error is user-specific and often caused by <strong>too many requests, failed login attempts, or security filters<\/strong> that flagged your IP as suspicious.<\/p><p>Start by confirming whether your IP is the issue. Connect to the site using a different network &mdash; for example, switch from WiFi to your phone&rsquo;s mobile data. If the website loads normally on another network, your current IP address is blocked.<\/p><p>Next, find your current IP address using a tool like &ldquo;what is my IP&rdquo; and check whether it appears in your hosting control panel. On Hostinger, go to <strong>Security &rarr; IP Manager<\/strong> and review the blocked IP list. If your IP is listed, remove it and save the changes.<\/p><p>If you&rsquo;re using a WordPress security plugin such as Wordfence or Solid Security, the block may come from there. If you&rsquo;re locked out of the dashboard, access your site via FTP or File Manager and temporarily disable the plugin by renaming its folder. Then log back in and remove the IP block from the plugin settings.<\/p><p>You should also check firewall rules at the CDN or server level. For example, Cloudflare&rsquo;s <strong>WAF (Web Application Firewall)<\/strong> may block specific IPs or regions based on custom rules or bot protection settings.<\/p><p>If the 403 error persists only on your IP, but not globally, the issue is almost always related to IP blocking rather than file permissions or server configuration.<\/p><p>If you prefer a visual guide, watch our video to discover easy-to-follow solutions for fixing the 403 Forbidden error. We&rsquo;ll show you step-by-step instructions for applying key troubleshooting methods, such as adjusting file permissions and resolving issues with the <strong>.htaccess<\/strong> file.<\/p><figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"How to Fix 403 Forbidden Error\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/wWtYqgOBe3Q?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure><p>\n  <div class=\"youtube-shortcode\">\n    <div class=\"row\">\n      <div class=\"col-7 col-sm-8 d-flex align-items-center\">\n        <img decoding=\"async\" class=\"channel-logo\" src=\"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-content\/themes\/tutorialsthemeuplift\/public\/images\/youtube-channels\/hostinger-academy.jpg\" alt=\"youtube channel logo\">\n        <div class=\"d-flex flex-column justify-content-between\">\n          <span class=\"slogan d-none d-sm-block\">Subscribe For more educational videos!<\/span>\n          <span class=\"channel-name\">Hostinger Academy<\/span>\n                    <\/div>\n      <\/div>\n      <div class=\"col-5 col-sm-4 d-flex align-items-center justify-content-end\">\n          <a class=\"subscribe-button\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"http:\/\/www.youtube.com\/channel\/UCbNIC-svDbtUOH2qsLnPQPg?sub_confirmation=1\">\n            <img decoding=\"async\" src=\"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-content\/themes\/tutorialsthemeuplift\/public\/images\/icons\/youtube.svg\" alt=\"subscribe\">\n            <span>Subscribe<\/span>\n          <\/a>\n      <\/div>\n    <\/div>\n  <\/div>\n\n    \n\n\n\n<\/p><h2 class=\"wp-block-heading\" id=\"h-how-to-fix-403-forbidden-as-a-developer-or-api-user\">How to fix 403 Forbidden as a developer or API user<\/h2><p><strong>A 403 Forbidden error in APIs and backend systems usually means your request is valid but lacks the required authorization, permissions, or configuration.<\/strong><\/p><p>Unlike website-level 403 errors caused by file permissions or plugins, developer-facing 403 responses are typically tied to <strong>authentication headers, access tokens, IAM policies, or API restrictions<\/strong>. The fix depends on how your request is structured and how the server validates access.<\/p><p>The sections below walk through the most common causes of 403 errors in APIs and backend systems, along with practical ways to diagnose and resolve them.<\/p><h3 class=\"wp-block-heading\">1. Check authorization headers and bearer tokens<\/h3><p><strong>A missing or incorrectly formatted Authorization header is one of the most common causes of 403 errors in APIs.<\/strong><\/p><p>Most APIs require a valid authentication token sent in the <code>Authorization<\/code> header. If the header is missing, malformed, or uses the wrong scheme, the server will reject the request even if the endpoint exists.<\/p><p>For example, a correct request typically looks like:<\/p><pre class=\"wp-block-preformatted\">curl -H \"Authorization: Bearer YOUR_ACCESS_TOKEN\" https:\/\/api.example.com\/user<\/pre><p>Make sure:<\/p><ul class=\"wp-block-list\">\n<li>The header name is exactly <code>Authorization<\/code><\/li>\n\n\n\n<li>The token uses the correct format (usually <code>Bearer &lt;token&gt;<\/code>)<\/li>\n\n\n\n<li>There are no extra spaces or missing prefixes<\/li>\n<\/ul><p>If you&rsquo;re using a frontend app or SDK, inspect the request in your browser&rsquo;s Network tab to confirm the header is being sent correctly.<\/p><h3 class=\"wp-block-heading\">2. Verify OAuth scope<\/h3><p><strong>A valid access token can still return a 403 error if it doesn&rsquo;t include the required OAuth scopes for the requested resource.<\/strong><\/p><p>APIs often restrict access based on scope (permissions attached to the token), such as <code>read:user<\/code>, <code>write:repo<\/code>, or <code>email<\/code>. If your token lacks the necessary scope, the server recognizes your identity but denies access to that specific action.<\/p><p>For example, a GitHub API request may fail if the token doesn&rsquo;t include the correct scope:<\/p><pre class=\"wp-block-preformatted\">curl -H \"Authorization: Bearer YOUR_TOKEN\" https:\/\/api.github.com\/user\/repos<\/pre><p>Check the API documentation to confirm which scopes are required for the endpoint. Then:<\/p><ul class=\"wp-block-list\">\n<li>Regenerate the token with the correct scopes, or<\/li>\n\n\n\n<li>Update your OAuth flow to request the necessary permissions<\/li>\n<\/ul><p>If the API returns a response body, look for keywords like <strong>&ldquo;insufficient_scope&rdquo;<\/strong> or <strong>&ldquo;forbidden&rdquo;<\/strong> &mdash; these are strong indicators that scope is the issue.<\/p><h3 class=\"wp-block-heading\">3. Rotate or refresh expired tokens<\/h3><p><strong>An expired or invalid access token can trigger a 403 error even if the request is otherwise correct.<\/strong><\/p><p>Many APIs use short-lived access tokens (typically <strong>15&ndash;60 minutes<\/strong>) for security. Once the token expires, the server may return a 403 instead of a 401, especially if the token is still present but no longer valid.<\/p><p>To fix this, generate a new access token or use a refresh token flow. A typical OAuth flow looks like:<\/p><pre class=\"wp-block-preformatted\">curl -X POST https:\/\/api.example.com\/oauth\/token <br>  -d \"grant_type=refresh_token\" <br>  -d \"refresh_token=YOUR_REFRESH_TOKEN\"<\/pre><p>Make sure your application:<\/p><ul class=\"wp-block-list\">\n<li>Stores refresh tokens securely<\/li>\n\n\n\n<li>Automatically refreshes access tokens before they expire<\/li>\n\n\n\n<li>Handles token renewal errors gracefully<\/li>\n<\/ul><p>If you&rsquo;re unsure whether expiration is the issue, decode the token (for JWTs) and check the <code>exp<\/code> field &mdash; it shows the exact expiration timestamp.<\/p><h3 class=\"wp-block-heading\">4. Audit IAM policies and access roles<\/h3><p><strong>A 403 error often occurs when your authenticated identity lacks the required permissions defined in IAM policies or access roles.<\/strong><\/p><p>In cloud environments like AWS, Google Cloud, or Azure, access is controlled by <strong>role-based policies<\/strong>. Even with valid credentials, your request will be denied if the assigned role doesn&rsquo;t &#1385;&#1400;&#1410;&#1397;&#1388; the specific action.<\/p><p>For example, in AWS, a Lambda function may return a 403 if its execution role lacks permission:<\/p><pre class=\"wp-block-preformatted\">{<br>  \"Effect\": \"Allow\",<br>  \"Action\": \"s3:GetObject\",<br>  \"Resource\": \"arn:aws:s3:::your-bucket\/*\"<br>}<\/pre><p>If this policy is missing, any request to read from the S3 bucket will fail with a 403.<\/p><p>To fix IAM-related 403 errors:<\/p><ul class=\"wp-block-list\">\n<li>Check which identity (user, role, or service account) is making the request<\/li>\n\n\n\n<li>Review attached policies for missing actions (e.g., <code>s3:GetObject<\/code>, <code>lambda:InvokeFunction<\/code>)<\/li>\n\n\n\n<li>Ensure the resource ARN matches exactly (bucket, function, API endpoint)<\/li>\n<\/ul><p>On Google Cloud, verify <strong>IAM roles<\/strong> assigned to your service account. On Azure, review <strong>RBAC (Role-Based Access Control)<\/strong> permissions in the resource group or service level.<\/p><p>If the API response includes messages like <strong>&ldquo;AccessDenied&rdquo;<\/strong> or <strong>&ldquo;not authorized to perform this action&rdquo;<\/strong>, the issue is almost always permission-related.<\/p><h3 class=\"wp-block-heading\">5. Distinguish 403 from 429 rate limiting<\/h3><p><strong>Some APIs return a 403 error instead of a 429 (Too Many Requests) when you exceed rate limits.<\/strong><\/p><p>While 429 is the standard status code for rate limiting, many APIs (including older or custom implementations) use 403 to block further requests once a quota is exceeded. This can make it seem like a permission issue when it&rsquo;s actually a usage limit.<\/p><p>If you&rsquo;re sending multiple requests in a short time, inspect the response headers and body. A rate-limited response often includes:<\/p><ul class=\"wp-block-list\">\n<li>A <code>Retry-After<\/code> header indicating when you can try again<\/li>\n\n\n\n<li>Keywords like <strong>&ldquo;rate limit&rdquo;<\/strong>, <strong>&ldquo;quota exceeded&rdquo;<\/strong>, or <strong>&ldquo;too many requests&rdquo;<\/strong><\/li>\n<\/ul><p>For example:<\/p><pre class=\"wp-block-preformatted\">HTTP\/1.1 403 Forbidden<br>Retry-After: 60<\/pre><p>To resolve this:<\/p><ul class=\"wp-block-list\">\n<li>Reduce request frequency (implement throttling)<\/li>\n\n\n\n<li>Use exponential backoff between retries<\/li>\n\n\n\n<li>Check API quotas and upgrade your plan if needed<\/li>\n<\/ul><p>If the error disappears after waiting or reducing request volume, the issue is rate limiting &mdash; not authentication or permissions.<\/p><h3 class=\"wp-block-heading\">6. Check for CORS-related 403 errors<\/h3><p><strong>A 403 error in browser-based requests can occur when the server blocks cross-origin requests due to missing or misconfigured CORS headers.<\/strong><\/p><p>CORS (Cross-Origin Resource Sharing) controls whether a browser allows requests from a different domain. If the server doesn&rsquo;t include the correct <code>Access-Control-Allow-Origin<\/code> header, the browser may block the request &mdash; sometimes surfacing as a 403 error.<\/p><p>This often happens during <strong>preflight requests (OPTIONS)<\/strong>. If the server rejects the preflight check, the actual request never proceeds.<\/p><p>To diagnose:<\/p><ul class=\"wp-block-list\">\n<li>Open DevTools &rarr; Network tab<\/li>\n\n\n\n<li>Look for an <code>OPTIONS<\/code> request before your main request<\/li>\n\n\n\n<li>Check if the response includes headers like:\n<ul class=\"wp-block-list\">\n<li><code>Access-Control-Allow-Origin<\/code><\/li>\n\n\n\n<li><code>Access-Control-Allow-Methods<\/code><\/li>\n\n\n\n<li><code>Access-Control-Allow-Headers<\/code><\/li>\n<\/ul>\n<\/li>\n<\/ul><p>Example of a failing request:<\/p><pre class=\"wp-block-preformatted\">Origin: https:\/\/yourapp.com<\/pre><p>If the server doesn&rsquo;t explicitly allow this origin, the request will be blocked.<\/p><p>To fix this:<\/p><ul class=\"wp-block-list\">\n<li>Configure the server to allow your origin (or use <code>*<\/code> for public APIs)<\/li>\n\n\n\n<li>Ensure preflight requests return a <strong>200 status with proper headers<\/strong><\/li>\n\n\n\n<li>Verify that authentication headers (like <code>Authorization<\/code>) are included in <code>Access-Control-Allow-Headers<\/code><\/li>\n<\/ul><p>If the same request works in <code>curl<\/code> but fails in the browser, the issue is almost always CORS-related.<\/p><h3 class=\"wp-block-heading\">7. Test from a different IP or network<\/h3><p><strong>A 403 error can happen when an API blocks your IP address, region, VPN, or data center network instead of your credentials.<\/strong><\/p><p>This is common with APIs protected by firewalls, fraud detection systems, or Web Application Firewalls (WAFs). Your token may be valid, but the request is rejected because it comes from a blocked IP range or unsupported location.<\/p><p>Test the same request from a different network:<\/p><pre class=\"wp-block-preformatted\">curl -H \"Authorization: Bearer YOUR_TOKEN\" https:\/\/api.example.com\/resource<\/pre><p>Then repeat it from:<\/p><ul class=\"wp-block-list\">\n<li>a local machine instead of a server<\/li>\n\n\n\n<li>mobile hotspot instead of office WiFi<\/li>\n\n\n\n<li>a different cloud region<\/li>\n\n\n\n<li>a non-VPN connection<\/li>\n<\/ul><p>If the request works from one network but fails from another, check IP allowlists, firewall rules, geo-restrictions, and WAF logs.<\/p><p>For APIs hosted behind Cloudflare or similar CDNs, review security events to see whether the request was blocked before reaching the origin server. If your app runs on AWS, Google Cloud, or Azure, confirm that the API provider allows requests from cloud data center IP ranges.<\/p><p>This test helps separate <strong>authorization problems<\/strong> from <strong>network-based blocking<\/strong>.<\/p><h3 class=\"wp-block-heading\">8. Inspect the full request and response<\/h3><p><strong>The fastest way to diagnose an API-related 403 error is to inspect the complete request and response, including headers, status code, and response body.<\/strong><\/p><p>A 403 response often includes clues that explain whether the issue comes from authentication, permissions, rate limits, CORS, IP blocking, or a WAF rule. Don&rsquo;t rely on the status code alone &mdash; check the exact error message returned by the server.<\/p><p>Use <code>curl -i<\/code> to show the response headers:<\/p><pre class=\"wp-block-preformatted\">curl -i -H \"Authorization: Bearer YOUR_TOKEN\" https:\/\/api.example.com\/resource<\/pre><p>Look for signals like:<\/p><ul class=\"wp-block-list\">\n<li><code>WWW-Authenticate<\/code> &rarr; authentication or token issue<\/li>\n\n\n\n<li><code>Retry-After<\/code> &rarr; rate limiting<\/li>\n\n\n\n<li><code>Access-Control-Allow-Origin<\/code> &rarr; CORS configuration<\/li>\n\n\n\n<li><code>X-RateLimit-Remaining<\/code> &rarr; quota status<\/li>\n\n\n\n<li><code>Server: cloudflare<\/code> &rarr; CDN or WAF-level block<\/li>\n<\/ul><p>Also review the response body. Messages like <strong>&ldquo;insufficient_scope,&rdquo; &ldquo;AccessDenied,&rdquo; &ldquo;quota exceeded,&rdquo; &ldquo;origin not allowed,&rdquo;<\/strong> or <strong>&ldquo;blocked by security policy&rdquo;<\/strong> usually point to the exact cause.<\/p><p>If the request works in one tool but fails in another, compare both requests line by line. Differences in headers, methods, origin, IP address, or token format often explain why one request succeeds and the other returns 403.<\/p><h2 class=\"wp-block-heading\" id=\"h-key-takeaways\">Key takeaways<\/h2><p>Troubleshooting the 403 Forbidden error requires a systematic approach. Start with the simplest fixes and gradually progress to more complex solutions.<\/p><ul class=\"wp-block-list\">\n<li><strong>Clear your browser cache and cookies and switch off your VPN connection<\/strong> to rule out local issues like outdated data or restricted access.<\/li>\n\n\n\n<li><strong>Perform malware scans and update plugins<\/strong> to avoid conflicts and ensure that your site is secure.<\/li>\n\n\n\n<li><strong>Reset file permissions and restore your .htaccess file<\/strong> to correct server-side issues that may be blocking access.<\/li>\n\n\n\n<li><strong>Verify your domain&rsquo;s A record and nameservers<\/strong> to ensure that your domain points to the correct IP address and has the right configuration for server communication.<\/li>\n<\/ul><p>If the 403 problem persists, there are still some other methods worth trying:<\/p><ul class=\"wp-block-list\">\n<li><strong>Check for issues with hidden files or directories<\/strong> that might be causing the error.<\/li>\n\n\n\n<li><strong>Inspect the server error logs<\/strong> for detailed information about what might be causing the 403 error.<\/li>\n\n\n\n<li><strong>Contact your hosting provider&rsquo;s support team<\/strong> to help you diagnose and fix the error.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>A 403 Forbidden error is an HTTP status code that means the server understands your request but refuses to authorize access, usually due to permission or configuration issues. The 403 Forbidden error appears in many forms depending on your browser and the server software your site runs on. Common variants include: All of these are [&#8230;]<\/p>\n<p><a class=\"btn btn-secondary understrap-read-more-link\" href=\"\/ng\/tutorials\/how-to-solve-403-forbidden-error\">Read More&#8230;<\/a><\/p>\n","protected":false},"author":411,"featured_media":146546,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_title":"403 forbidden error: What it means and how to fix it","rank_math_description":"403 Forbidden means the server understood your request but refuses to authorize it. Learn what causes it and how to fix it as a site owner or developer.","rank_math_focus_keyword":"403 forbidden","footnotes":""},"categories":[22630],"tags":[],"class_list":["post-12816","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-aspects"],"hreflangs":[{"locale":"en-US","link":"https:\/\/www.hostinger.com\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"pt-BR","link":"https:\/\/www.hostinger.com\/br\/tutoriais\/o-que-significa-erro-403","default":0},{"locale":"pt-PT","link":"https:\/\/www.hostinger.com\/pt\/tutoriais\/tutorialo-que-significa-erro-403","default":0},{"locale":"en-CA","link":"https:\/\/www.hostinger.com\/ca\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-UK","link":"https:\/\/www.hostinger.com\/uk\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-PH","link":"https:\/\/www.hostinger.com\/ph\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-MY","link":"https:\/\/www.hostinger.com\/my\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-IN","link":"https:\/\/www.hostinger.com\/in\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-AU","link":"https:\/\/www.hostinger.com\/au\/tutorials\/how-to-solve-403-forbidden-error","default":0},{"locale":"en-NG","link":"https:\/\/www.hostinger.com\/ng\/tutorials\/how-to-solve-403-forbidden-error","default":0}],"_links":{"self":[{"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/posts\/12816","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/users\/411"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/comments?post=12816"}],"version-history":[{"count":101,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/posts\/12816\/revisions"}],"predecessor-version":[{"id":146545,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/posts\/12816\/revisions\/146545"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/media\/146546"}],"wp:attachment":[{"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/media?parent=12816"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/categories?post=12816"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostinger.com\/ng\/tutorials\/wp-json\/wp\/v2\/tags?post=12816"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}