How can you correct a 403 Forbidden error on your site?

Procédure

Introduction

If you have recently tried to access your site and have been confronted with a message indicating that something is "forbidden" or that you do not have permission to access part of your site, it is likely that you have encountered the 403 Forbidden error.

Discovering such an error on your site can be a source of frustration and discouragement. That's why we've put together this detailed guide to help you resolve the 403 Forbidden error and get your site back up and running as quickly as possible.

What is the 403 Forbidden error?

When you encounter the 403 Forbidden error, it means that the server has understood your request but cannot grant you further access. In other words, the web page you are trying to open in your browser is a resource that you are not authorised to access.

When you encounter the 403 Forbidden error, this indicates a specific status that the web server is communicating to your browser, but in general, this error is a sign that your access to a resource is restricted. Every time you browse a website, there are exchanges between your browser and the server in the background. Normally everything works fine and you get the status code 200, but when problems occur, different codes may appear. Error 403 Forbidden, in particular, indicates that the server has understood your request, but refuses to give you access to the requested resource. This could be compared to a situation where you try to attend a private event, only to discover that your name has been removed from the guest list without explanation.

Error code	403
Type of error	Authentication error
Error Variations	Forbidden - You do not have permission to access / on this server 403 - Forbidden : Access is denied 403 - Forbidden Error 403 - Forbidden Error - You do not have permission to access this address 403 - Forbidden - nginx
Causes of the error	Corrupt .htaccess file Incorrect file permissions Extension problems

What causes the 403 Forbidden error?

The 403 Forbidden error can have two main causes:

• A damaged .htaccess file.
• Incorrect file authorisations.

It is also possible that this error is due to a malfunction linked to an extension used on your site.

Variations of 403 Forbidden errors

As with many other HTTP status codes, the 403 Forbidden error can manifest itself in a variety of ways.

Here are some common examples you might encounter:

• "Forbidden - You don't have permission to access / on this server"
• "403 - Forbidden: Access is denied" error
• "Error 403 - Forbidden"
• "403 - Forbidden Error - You are not allowed to access this address"
• "403 Forbidden - Nginx"
• "HTTP Error 403 - Forbidden - You do not have permission to access the document or program you requested"
• "403 Forbidden - Access to this resource on the server is denied"
• "403. That's an error. Your client does not have permission to get URL / from this server"
• "You are not authorized to view this page"
• "It appears you don't have permission to access this page."

In general, if you notice a mention of "forbidden" or "not allowed to access", it's likely that you're encountering a 403 Forbidden error.

How do I repair the 403 Forbidden error?

You can use the nine steps below to correct the 403 Forbidden error.

1. Refresh the page and check the address again

Sometimes simple solutions can solve complex problems. So try refreshing the page you're having trouble accessing. The 403 error may be temporary, so you may be able to access the page after a refresh.

Make sure you also check the spelling of the URL. If the address you are trying to reach is a directory rather than a web page, you are likely to get a 403 error. For example: www.domaine.ext/wp-content/uploads/2024/03/

2. Empty your browser's cache

Another practical method is to empty your browser's cache.

The cache is a useful tool that helps websites load faster. However, it can sometimes happen that the cached version of a page does not correspond to its real version.

3. Change your file permissions

Each folder and file on your server has its own specific permissions that determine what actions are allowed:

• Read: allows you to view the data in the file or display the contents of a folder.
• Write: allows you to modify the file or add/delete files in a folder.
• Execute: allows you to run the file as a script or access a folder and execute functions and commands.

These permissions are represented by a three-digit number, each digit indicating the level of permission for the three categories mentioned above.

Normally, these authorisations are only relevant to your site. However, problems with file permissions can result in a 403 Forbidden error.

To check and modify your site's file permissions, you can use your hosting's file manager.

Once in the file manager, you can view the permissions for a file or folder(2) and modify them(1).

Of course, manually checking the permissions for each file or folder isn't practical. Instead, you can automatically apply file permissions to all files or folders in a folder.

According to WordPress Codex, the ideal file permissions for WordPress are:

• Files: 644 or 640
• Folders: 755 or 750

An exception is made for your wp-config.php file, which should have permissions of 440 or 400.

To set these permissions, right-click on the folder containing your site (the folder name is htdoc at LWS) and select "File access rights". Then enter 755 or 750 in the Numeric value box, choose"Recursion in sub-folders" (1) and"Apply only to folders" (2).

Next, follow the same process for files by entering 644 or 640 in the Numeric Value field, selecting "Recursion in sub-folders" (1) and "Apply only to files" (2).

Finally, manually adjust the permissions of your wp-config.php file to 440 or 400.

If problems with file permissions caused the 403 Forbidden error, your site should now be working correctly.

4. Delete and restore the .htaccess file

A common cause of the 403 Forbidden error is a problem in your site's .htaccess file.

The .htaccess file is a configuration file used by the Apache web server. It can be used to configure redirects, restrict access to certain parts of your site, etc.

Because of its power, even a small error can cause a big problem, like the 403 Forbidden error.

Instead of trying to troubleshoot the .htaccess file itself, a simpler solution is to force WordPress to generate a new, clean .htaccess file.

Here's how to do it:

1. Connect to your hosting'sfile manager
2. Find the .htaccess file in your root folder(1).
3. Download(2) a copy of the file to your computer (it's always a good idea to have a backup copy just in case).
4. Delete(3) the .htaccess file from your server after making a safe backup copy on your local computer.

Now you should be able to access your WordPress site if your .htaccess file was the problem.

To force WordPress to generate a new, clean .htaccess file:

1. Go to Settings(1) → Permalinks(2) in your WordPress dashboard.
2. Click Save(3) the changes at the bottom of the page (you don't need to make any changes - just click the button).

And that's it - WordPress will now generate a new .htaccess file for you.

5. Deactivate then reactivate your extensions

If neither your site's file permissions nor the .htaccess file seem to be a problem, the next place to check is your WordPress extensions. There may be a bug in one extension or a compatibility issue between different extensions.

To find the extension responsible, we invite you to follow this documentation.

6. Temporarily disable the CDN

If you are getting 403 forbidden errors on your resources (images, JavaScript, CSS), this could be a problem with your content delivery network (CDN).

If you are using the services of a CDN such as Cloudflare, we recommend that you temporarily reconfigure the LWS default DNS to check whether the problem is with the CDN.

7. Check whether Hotlink protection is misconfigured

Hotlinking occurs when someone includes an image on their site, but the link from that image is always directed to someone else's site. To avoid this, some people set up what is known as "hotlinking protection" with their web host or CDN provider.

When hotlinking protection is activated, it generally generates a 403 Forbidden error. This is perfectly normal. However, if you encounter a 403 Forbidden error on something that should not be blocked, make sure that the hotlinking protection is correctly configured.

8. Disconnect from your VPN

Here's another simple tip that might solve this problem.

Some sites may be blocking access to users using a VPN, which could explain why you're getting the 403 Forbidden error.

To check whether this is the case, disconnect from the VPN and try accessing the site in another way. You can also try switching to another server offered by your VPN service.

9. Contact your customer support

If none of the above solutions has worked for you, we recommend that you contact our technical support team for a personalised analysis of your problem.

Conclusion

You now know how to :

• Identify the403 Forbidden error and understand its implications.
• Recognise the different causes that can lead to this error on your site.
• Apply practical solutions to resolve the error, in particular by refreshing the page, emptying your browser's cache, changing your file permissions or restoring the .htaccess file.
• Take steps to prevent the error recurring, by temporarily disabling extensions or the CDN, checking the Hotlink protection configuration, or disconnecting from your VPN.
• Seekprofessional help if you are unable to resolve the issue yourself.

🔧 With these tools in hand, you're now armed to deal with this frustrating error and restore access to your site. 🌐 Don't forget that every problem has its solution and that sometimes a simple page refresh or configuration adjustment can make all the difference. 💡

Thank you for reading and we hope you found this article useful. If you have any questions or would like to share your experience with the 403 Forbidden error, please feel free to leave a comment below. Your feedback is valuable and helps us improve our service. 🙏