Was your online experience interrupted by an annoying 403 error?
Don’t worry!
You’ve landed on the right page, as this blog unravels everything about the 403 errors on WordPress sites.
A 403 forbidden error looks critical enough to cause panic. However, WordPress errors aren’t as scary as they might appear.
Before I tell you all the different 403 forbidden fixes, let’s learn a bit about this error and its causes, so you can understand the underlying causes and fix those ahead of time.
Short on time?
Jump right ahead to the fixes.
What is 403 Forbidden Error?
This HTTP status code appears when you try to access a forbidden resource. This error code indicates a permission error and is commonly caused due to indexing issues, badly coded plugins, an empty site directory, or ownership issues.
What Causes the 403 Forbidden Error?
A major reason the 403 error appears on WordPress sites is the improper configuration denying access to the requested resource.
Other reasons include:
- A corrupt .htaccess file.
- A poorly coded plugin.
- Incorrect file permissions.
What Are the Different Variations of 403 Forbidden Errors?
You may encounter 403 forbidden errors in different variations. Some of these are:
- 403 Forbidden
- HTTP Error 403 – Forbidden
- Forbidden: You don’t have permission to access [directory] on this server
- A 403 forbidden error occurred while using an ErrorDocument to handle the request.
- Forbidden
- Error 403
Fix 403 Forbidden Errors with our WP Rescue Kit: Ultimate Error-Fixing Checklist!
403 Forbidden Errors can confuse visitors and potentially expose security vulnerabilities. Get our FREE guide and learn how to fix these errors quickly to ensure a smooth user experience and maintain a secure website.
Thank You
Your list is on it’s Way to Your Inbox.
How to Fix 403 Forbidden Error (9 Easy Fixes)
The 403 error can be a bit tricky to resolve because the server doesn’t allow your browser to load the scripts.
Nonetheless, fixing it is possible if you know what you’re doing.
Several easy ways exist to resolve the 403 forbidden error on WordPress sites.
Below I’ll share 9 easy fixes that can help you chronologically detect and fix the error.
Note: Before trying any troubleshooting method, it is highly recommended to back up your entire website. Because if something goes wrong while troubleshooting, it will help you recover your website without any hassle.
1. Clear Your Browsing Cache
Clearing your browser’s cache is the simplest solution to the 403 error, and a hard refresh is always recommended whenever you encounter a WordPress error.
The 403 error might simply be down to the browser cache. So, clearing your browser cache and cookies or visiting your website in incognito mode might fix your issue.
While there are many web browsers out there, if you use Google Chrome, here’s how you can clear your browser cache.
- To clear your cache in Google Chrome, click the three dots icon in the top right of your browser window, then go to More Tools > Clear browsing data. Alternatively, use the hotkey combination: CTRL + SHIFT + DEL. Select “Cached images and files” and choose the time frame (e.g., last 24 hours) from the Time Range field. Click “Clear data” to empty the cache.
- For more advanced data removal, go to the Advanced tab in the Clear browsing data window. You can choose to clear passwords, autofill form data, site settings, and hosted app data. Click “Clear Data” when done.
- Google Chrome also offers different paths to access the Clear Browsing Data window. You can find it in Chrome Settings > Privacy and Security or directly by clicking the Clear Browsing Data button. Additionally, you can manage cookies by going to Cookies and Other Site Data settings.
- To automate cache clearing, explore the option to clear cookies and site data when you close all windows. You can also manually manage cache items by accessing “See All Cookies and Site Data.” There, you can allow, block, or clear cookies for specific sites.
2. Rollback to a Running Version From Your Hosting Backup
If your hosting provider offers an application or server-level backup, you can revert the changes and roll back to the previous running version. Reverting to the last working version can help you bypass the 403 error.
For example, your website worked fine on August 2nd but stopped on September 1st. In that case, you can return to the previous working version with a few clicks.
If you are a Cloudways user, rolling back to a previous version is incredibly simple. Follow the steps below:
- Log in to the Cloudways platform
- Select your application
- Go to Backup and Restore
- Roll back to the previous version by selecting the date from the drop-down menu
- And that’s it. Following the steps above will help you roll back to previous versions on the Cloudways platforms in minutes.
3. Check .htaccess File
Another reason why a 403 forbidden WordPress error may occur is a corrupted .htaccess file. You can fix a bad .htaccess file in a few seconds with any FTP manager.
- First, log in to your server using an FTP client
- Go to the .htaccess file located in the public_html
- Right-click on the .htaccess file and download the file to remain safe
- Once you’ve downloaded the file, delete the .htaccess file
- Now go to your browser and refresh your website to check if the 403 error has been resolved
Note: Don’t forget to upload the .htaccess file you previously downloaded to your server.
If the issue is resolved by deleting the .htaccess file, it confirms that the error was due to a corrupted .htaccess file.
To generate a clean .htaccess file, follow these steps:
- Log in to your WordPress dashboard
- Go to Settings > Permalinks
- You’ll be redirected to the permalink settings page
- Click the Save Changes button at the bottom of the page to generate a new .htaccess file.
- Open your FTP client to verify if the .htaccess file has been regenerated.
If the error still persists, move to the next troubleshooting method outlined below:
4. Check File Permissions
Many files in WordPress require access permissions. And if those permissions are incorrect, the server will give a 403 permission denied error, indicating you don’t have the requested file.
- Connect to your WordPress website using an FTP client
- Navigate to the root
- Right-click public_html and click the file permissions
- Ensure that the numeric value in the Permission box is set to 744 or 775
- Check the box next to ‘Recurse into subdirectories‘
- Check the option that says ‘Apply to directories only‘
- Click OK
- Repeat the same process for all the files
- Set the file permission to 644 or 640
- Don’t forget to select Recurse into subdirectories > Apply to files only
- Click OK
- Check again to see if the 403 forbidden WordPress error is resolved. If it still appears, then perform the next step, i.e., deactivating the plugins
5. Deactivate All Plugins
Sometimes poorly coded plugins can cause a 403 forbidden error on WordPress sites. Therefore, we can deactivate all our plugins and check whether the issue is resolved or not.
To deactivate your plugins:
- You must again access your WordPress files using an FTP client like FileZilla
- Go to public_html > wp-content
- Change the plugins folder name (I’ve changed it to plugins-old)
- Go back to your browser and refresh
- If the website starts working fine, then the plugins were causing the error
- Change your plugins-old folder name to plugins
- Once you’ve changed the folder name, go to the WordPress Dashboard > Plugins > Installed Plugins
- You will see that all plugins are deactivated by default
- Activate each plugin and check if your website works after activation, and you’ll find the problematic plugin
6. HotLink Protection
Hotlink protection prevents other websites from using your site images. You can use hotlink protection if you don’t want to allow Google Images, Pinterest, or any other site to display your images. Also, it helps you with site bandwidth and server resource consumption.
Sometimes, enabling hotlink protection on your CDN/hosting can trigger a 403 error if it is not set up properly. Therefore, it’s highly recommended to configure it carefully and then check the site’s status.
7. Contact Your Hosting Support
If you have performed all the above steps and are still seeing the 403 error, the last resort is to contact your hosting provider. Many managed hosting providers offer prompt help with these issues.
Cloudways has 24/7 live chat & ticket support assistance and offers cloud-based WordPress hosting starting from $11/month. So, with a host like Cloudways, you’re in good hands, even in the world of scary errors like 403.
Note: you can also check our guides to fix other errors such as the 404 error, 500 internal server error, the white screen of death, or our guide on common WordPress errors.
8. Reconfigure Ownership of the File for Proper Access
An incorrect file ownership on a Linux or VPS web hosting can trigger the 403 Forbidden error. In these environments, files, and folders can be assigned to an Owner, a Group, or both. To modify ownership, you’ll need SSH access and an SSH terminal to connect to the VPS.
To check ownership, use the SSH command:
ls -1 [file name]
The correct ownership should match your hosting account’s username. If it’s different, use the chown Linux command to modify file ownership with this syntax:
chown [owner][:group] [file name]
If you’re not comfortable using SSH, you can seek assistance from your hosting provider’s support team.
Here’s an example of how you’d change the Owner or a Group of a file:
Example — Change the Owner of a File
# chown Rehman myfile # ls -l myfile -rw-r--r-- 1 Rehman users 112640 Aug 2 07:10 myfile
In this example, the ownership of the file “myfile” is changed to the user “Rehman” using the chown command. After executing the command, the file’s permissions and ownership are updated, and the new ownership is displayed as “Rehman”.
The file now belongs to the user “Rehman” and the group “users”. The modification date of the file is shown as August 2 at 07:10.
Example — Change the Group Ownership of a File
$ chgrp cloudways myfile $ ls -l myfile -rwxrw-- 1 Rehman cloudways 12225 Aug Aug 2 07:10 myfile
In this example, the group ownership of the file “myfile” is changed to the group “cloudways” using the chgrp command.
After executing the command, the file’s permissions and group ownership are updated, and the new group ownership is displayed as “cloudways”. The file still belongs to the user “Rehman” but now belongs to the group “cloudways”. The modification date of the file is shown as August 2 at 07:10.
9. Check Your A Record for DNS Configuration
Another potential cause of the 403 Forbidden error is an incorrect domain name pointing to the wrong IP address. If your domain is not pointing to the right IP address, you may not have permission to access the site’s content.
This issue can occur if you have migrated to a new web host but forgot to update your nameservers, resulting in your domain still pointing to the previous host. In such cases, the previous host may terminate your account, triggering the 403 error status code.
To verify and resolve this, you can check the DNS records of your domain using the nslookup command in the terminal. The nslookup command is compatible with various operating systems, including Windows, Linux, and macOS.
For example, to check the A record for the domain ‘cloudways.com’, open the terminal window and enter the following command (replace ‘cloudways.com’ with your domain name):
nslookup -type=A cloudways.com
This will show you the DNS records associated with your domain and help you identify any discrepancies or misconfigurations.
Summary
I hope you found this guide helpful and were able to solve the “403 Forbidden Error” via the shared fixes.
Have you figured out just the right ways to get rid of this problem?
Please share your preferred 403 forbidden fix with us in the comments below for people facing similar issues.
Frequently Asked Questions
Q. Why am I getting 403 Forbidden on a website?
You may get a 403 forbidden error when you try to access a website or a resource that has been marked forbidden.
Q. Is the 403 error the same as the access denied error in WordPress?
Yes, the access denied error is another name for the 403 error.
Q. What is the main difference between 401 and 403 errors?
A 401 error occurs when someone provides no credentials or invalid credentials. In contrast, a WordPress 403 permission denied error appears when the client has correct credentials but is denied permission to perform a particular action on a resource.
Q. How can I prevent the 403 error from occurring?
You can prevent the 403 error by following the steps below:
- Cross-checking the .htaccess file
- Evaluating the plugin before installing it because a poorly coded plugin can also cause this error
- Checking the file permissions
Q. Can a misconfiguration in the .htaccess file result in a 403 Forbidden error in WordPress?
Yes, a misconfigured .htaccess file can cause a 403 Forbidden error in WordPress. Syntax errors or incorrect directives prevent proper request processing. It’s recommended to seek assistance from a web developer or hosting provider if needed.
Abdul Rehman
Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He's also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.