March 25, 2020
March 25, 2020
If you are reading this, you recently came across an error message saying 403 Forbidden – you don’t have permission to access / on this server. And most likely, you have no idea what it is all about. Well, don’t worry! This is a quite common scenario that many web users run into.
In short, follow these steps in order to fix the 403 forbidden error:
In this tutorial, you are going to learn about the reasons that might be liable for a 403 forbidden error and possible solutions that will help you get rid of it. As an example, we will show you how to fix this error on a WordPress site. However, steps would be almost identical on any other CMS or static websites.
It is worth mentioning that 403 errors might differ based on various circumstances. Occasionally, this error can also be a result of a few changes that your hosting company might have made in their system or due to the implementation of some updates.
Whatever it is, let’s look deeper into the error and find out more details about it. We will then list various reasons responsible for this error, and the possible solutions for it.
Let’s get started!
Before we dig deeper and try to fix the 403 Forbidden Error, let’s first understand what it actually is. 403 forbidden error is an HTTP status code. When you encounter this error message, you are basically trying to reach an address or a website that is forbidden to access.
Here are examples of some these errors that are commonly thrown:
Forbidden: You don't have permission to access [directory] on this server
HTTP Error 403 – Forbidden
403 forbidden request forbidden by administrative rules
Access Denied You don't have permission to access
So what causes these errors? Let’s find out.
Getting a 403 Error in the middle of development might seem disturbing. But before we can fix it, we need to know about the actual reason causing it. The simple reason why we are seeing this error is that you are trying to access something you don’t have the permission to. Throwing a 403 forbidden error is your website’s way of stating that you don’t have enough permissions to proceed further.
This error is basically due to:
That said, let’s have a quick look at how you can make it disappear.
Now that we know the various factors causing the error, it is time to look at how to get rid of it. The steps mentioned here mainly focus on WordPress, but they can be applied to other websites as well. Let’s go through some of the steps involved:
You may not be familiar with the .htaccess file. This is because the file often remains hidden in the project directory. However, if you are using Hostinger File Manager, you should be able to see .htaccess by default in your hPanel.
To help you understand the .htaccess file better – it’s a server configuration file and mainly works by altering the configuration on the Apache Web Server settings.
Although the .htaccess file is present in almost all WordPress websites, in some rare events, when your website doesn’t have a .htaccess file or is deleted unintentionally, you need to create a .htaccess file manually.
Now, that you have found your .htaccess file, all you need to do is:
However, if this doesn’t solve the issue, move onto the next method.
Another reason for encountering a 403 Error Forbidden message is bad permissions for your files or folders. In general, when files are created, they come with certain default permissions. These basically control how you can read, write and execute the files for your use.
If you’re using Hostinger, there’s a special tool that will take care of all your permission problems in just a single click. Enter Fix File Ownership in the search bar or scroll to the bottom of your control panel to Other and locate it there.
This tool will save you loads of time and will restore all file and directory permissions to default values.
However, a FileZilla FTP client also provides all you need to edit file and folder permissions. To begin, you should:
If you want to get a better insight on how file and folder permissions work in a Linux environment or learn to use the command line to change permissions, see this tutorial.
However, if nothing seems to happen, it is time to move onto the next method.
If you have come this far, chances are high that the error was thrown due to an incompatible or faulty plugin. In this step, we will try disabling plugins to see if it fixes the 403 Forbidden Error.
The best thing to do would be to disable all the plugins at once instead of going through the process individually. With this step, you would be able to detect the problem and work towards a solution. Here is what you have to do:
Once you have disabled all the plugins, try accessing your website again. Did this fix the problem? If yes, a problematic plugin is the actual source of error. Try deactivating your plugins one by one, and check if your website is back in working action now. This way you will be able to detect the faulty plugin.
You can then choose to update the plugin if it is necessary or install a new one. However, if nothing of the above-mentioned steps worked for you (which is rare!), you may need to contact your hosting provider.
Note: If you have recently migrated from one web host to another, and forgot to change your nameservers, your domain may still be pointing to your old web host. This can be a problem when they cancel your account, resulting in a 403 Error. So make sure your site is pointing to the right place. For more information, check out this tutorial.
By following the methods listed above, you can get rid of the 403 forbidden error. We understand that this error is irritating, and won’t let you access your website. Nevertheless, follow the above-mentioned steps one by one, and we’re sure, you’ll be able to bring your website back to action.
We hope that the above tutorial was easy to follow. For more comprehensive WordPress tutorials, tips and cheat-sheets check this page.
March 04 2019
Thanks for the post. The fix for me was one of the plugins that was causing it.
August 30 2019
oh, very helpful!!! thanks!
April 21 2020
FINALLY!! After going through and checking Cloudflare security settings, Sucuri firewalls, Wordfence IPs, deleting/disabling ALL plugins, checking web server resources and a whole lot more 'fixes' that so many others have recommended ... simply deleting the .htaccess file did the trick. Thank you so much for a great resource!
May 13 2020
Thank you, this was very helpful!