403 Forbidden error code is shown when your server permissions don’t allow access to a specific page. This is why the error is usually accompanied by the text:
403 Forbidden – You don’t have permission to access ‘/’ on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
There are different scenarios when you can see this error. Incorrect file permissions, poorly coded security plugins, or server configuration are the most common culprits.
There are different scenarios when you can see this error. For example:
- 403 Forbidden – Access denied on wp-admin or WordPress login page.
- 403 Forbidden – during WordPress install.
- 403 Forbidden error when visiting any page on your WordPress site.
- It is also possible that you only get to see ‘Access Denied’ instead of full 403 Forbidden status.
- You may also see ‘Access to yourdomain.com was denied. You don’t have authorization to view this page.’
Now that you know about the different types of 403 errors, let’s talk about what causes this error.
What Causes 403 Forbidden Error in WordPress?
The most common cause for the 403 Forbidden error in WordPress is due to poorly configured security plugins. Many WordPress security plugins can block an IP address (or a whole range of IP addresses) if they believe them to be malicious.
Another possible cause could be a corrupt .htaccess file or incorrect file permission on your server.
Before you do anything, we recommend that you create a complete WordPress backup of your website.
1. Fixing 403 Forbidden Error Caused by a WordPress Plugin
First thing you need to do is to temporarily deactivate all WordPress plugins. This includes any security plugins that you may have installed on your site.
If this resolves your problem, then this means one of the plugins on your website was causing this error.
You can figure out which plugin was causing the error by activating all your plugins one at a time until you are able to reproduce the 403 forbidden error.
2. Fix 403 Forbidden Error Caused by Corrupt .htaccess File
Often the 403 error is caused by a corrupt .htaccess file in your WordPress site. Repairing this file is quite easy.
First you need to connect to your website using a FTP client or file manager in cPanel.
Next, locate the .htaccess file in the root folder of your WordPress site.
You need to download the .htaccess file to your computer so that you have a fresh backup of it. After that, you need to delete the file from your server.
Try accessing your website. If 403 forbidden error is resolved, then this means that your .htaccess file was corrupt.
You can generate a fresh .htaccess file by logging into your WordPress admin area and going to Settings » Permalinks page.
Simply click on the Save Changes button at the bottom of the page and WordPress will generate a fresh .htaccess file.
3. Fix 403 Forbidden Error Caused by File Permissions in WordPress
All files stored on your website have file permissions. These file permissions control who can access files and folders on your website.
Incorrect file permissions can cause 403 forbidden error. It makes your web server thinks that you do not have permission to access those files.
If the above two solutions do not solve the 403 forbidden error on your site, then incorrect file permissions can be the most likely cause.
You can ask your WordPress hosting provider to check your website for correct file permissions. Some hosts are very supportive, they wouldn’t mind and will probably fix that for you.
Changing file permissions yourself can have serious consequences. If you do not feel confident doing it yourself, then ask a friend for help or hire a professional.
However, if you want to do it yourself, then here is how you would check your file permissions.
Simply connect to your WordPress site using an FTP client. Navigate to the root folder containing all your WordPress files.
Click to select a folder, right click and then select File Permissions from the menu.
Your FTP client will show you a file permissions dialog box like this:
All folders on your WordPress site should have a file permission of 744 or 755.
All files on your WordPress site should have a file permission of 644 or 640.
You can set the file permission to the root folder to 744 or 755. Check the box next to ‘Recurse into subdirectories’ and then check the option that says ‘apply to directories only’.
Click on the OK button. Your FTP client will now start setting permissions to all subdirectories in that folder.
Once it is done, you need to repeat the process for all the files. This time you will use file permission of 644 or 640 and don’t forget to select ‘Recurse into subdirectories’ and ‘apply to files only’. options.
Click on the OK button and your FTP client will start setting file permissions for all the selected files.
Try accessing your website now, and 403 forbidden error should be gone now.