How to Fix 403 Forbidden Error in WordPress?
The 403 Forbidden Error is one of the well-known errors on WordPress Website. To understand why this always appears, you need to know that how it works.
On this article, we will tell you the possible solutions to fix the 403 Forbidden Error for WordPress website.
The very first thing you should know about this error is that it is a Client-Side Error, and most commonly the error code starting with series digit 4( 4xx ) are Client-Side Errors.
What do these client-side errors mean?
The 4xx HTTP Status Code indicates that something is wrong on the client side. There is a problem with the authentication, and the client needs to fix it.
How do the Client-Server Model Works?
The client-server model is the most popular model of communication over the internet. There is a request-response cycle that is responsible for the communication between the client and the server.
Firstly, the client makes a request to the server and in return, the server response back to the client with the requested resources. Every time, the server response has an HTTP status code that indicates the success or failure of the request.
The three-digit HTTP status codes are the easiest way to identify the error. It tells about the nature of the error. Here is the list of some Most common 4xx: Client Side HTTP Errors.
1. 401 – Authorization Required
2. 413 – Request Entity Too Large
What is 403 Forbidden?
The 403 Forbidden error is a Client Side HTTP status code that occurs when you try to access a URL. It means that you do not have permission to view the requested page or resource.
You can face this error under different circumstance.
1. A 403 Forbidden error occurs when you don’t have permission to access.
2. Additionally, it occurs While trying to use an ErrorDocument to handle the request.
What Causes the 403 Forbidden Error in WordPress?
There are several reasons why 403 Forbidden error triggered. Going through the step by step guide is the best way to get rid of the error. The following are the common causes of 403 Forbidden error:
1. File Permission Issues.
2. Corrupt .htaccess file.
3. Incompatible or Faulty Plugins.
Different Scenarios of 403 Forbidden Error
1. You can face the 403 Forbidden error on wp-admin or WordPress login page.
2. 403 Forbidden – during WordPress install.
3. 403 Forbidden error – while visiting any URL.
4. It is also possible that you only see Access Denied instead of 404 Forbidden Error.
5. You may also see Access to yourdomain.com was denied. You don’t have the authorization to view this page.
Methods to fix the 403 Forbidden Error in WordPress
Note: Before moving on, it is recommended to take the backup of the entire website. You can use Backup Bank to backup your site. It is freely available on wordpress.org plugins directory.
Method 1) Change File Permissions
All files have file permissions, and these permissions are used to control who can access files and folders on your website. Inadequate file permissions can cause 403 forbidden error. Due to this, the web server believes that you do not have permission to access those files.
All Folders on your WordPress site must have the file permission of 744 or 755. All Files on your WordPress site must have the file permission of 644 or 640. Overall, all the Images, Media, and Text Files like HTML should be 755 or 644.
How to Change Permissions of a File?
File permissions play a vital role when it comes to hosting your website. They allow server computer to write, edit or view your file. Along with that, this also protects files from editing by changing the permissions. You can change your file permissions in many ways.
1. Using File Manager in cPanel
One of the easiest ways to change the permissions is by File Manager in cPanel. Please follow the following steps if you want to change the file permissions for folders or files in cPanel.
1. The first thing you need to do is Log In to your cPanel.
2. Choose the File Manager.
3. Now, select the file for which you would like to change the permissions. Click on the Change Permissions link at the top right of the page.
4. Set the permission for your file and click on Change Permissions.
2. Using FTP
It is pretty easy to change the file permissions with FTP.
1. Firstly, connect to your WordPress site using an FTP. Navigate to the root folder containing all your WordPress files.
2. Select the particular file or folder, right click and then select File Permissions from the menu.
3. A dialog box will appear in front of you asking to set the file permissions. Set the file permission to the root folder as 744 or 755.
4. Select the checkbox next to Recurse into subdirectories and then check the option saying apply to directories only.
5. Click on the OK button. Your FTP client will now start setting permissions to all subdirectories in that folder.
Once done, you need to repeat the process for all the files. This time you need to set 644 or 640. Again, select the checkbox next to Recurse into subdirectories and then check the option saying apply to files only. Click on the OK button and your FTP client will start setting file permissions for all the selected files.
Try to access your website now and check for 403 forbidden error.
3. Using Command Prompt
Type Explanation Owner: It’s the user who created and owns a file/directory. Group: All users who are members of the same group. Others: All other users, on the system who are neither the owners nor members of the group.
Syntax: chmod options permissions file name
There are two ways to represent these permissions:
1. With Symbols( Alphanumeric Characters )
2. With Octal Number ( From Digits 0 to 7 )
Let’s have a look at the example given below that will show you how you can write the syntax of chmod command in two different ways.
a) Symbolic Permissions Notation
Let’s assume that you are the owner of the file named new-document, and you want to set its permissions such as:
The user can read, write and execute it. Group can read and execute it. Other only may read.
Example: chmod u=rwx,g=rx,o=r new-document
The above example shows the symbolic permission notation. Here, the letter u means the user, letter g means the group, and the letter o means other.
The equal sign (=) is to set permissions properly, whereas letters, r, w, and x are read, write, and execute respectively.
The comma separator is used to differentiate the file permissions, and there are no spaces in between them.
b) Octal Permissions Notation
Example: chmod 754 new-document
Digits 7, 5, and 4 represent permissions for users, groups, and others.
The numbers are the combination of permissions. The first of the three digits represents the permissions for the Owner. The second digit represents the Group. The third digit represents the World.
Read is equal to 4. Write is equal to 2. Execute is equal to 1. No permissions for a user is equal to 0.
Write and Execute without Reading is equal to 3. Read and Execute without Write is equal to 5. Read and Write without Execute is equal to 6. Read and Write and Execute is equal to 7
At this point, all you need to know is that your files should always have permissions of 644 or 755. Read, write, and execute permissions allow you to view, edit, and run a file.
It is necessary for groups and others to be able to view files. However, there are some files which you may not want anyone to see.
For this, you need to uncheck the checkbox from the reading option. Then no one will be able to see the file. Instead, the user will see a 403 Forbidden error.
Method 2) Corrupt .htaccess file. / Hidden Files (Dot Files)
When the visitor tries to browse file like the .htaccess file, results in 403 Forbidden error. You cannot look at any file that starts with a dot, in your browser.
Example: http://domain.com/.htaccess will always result in a 403 Forbidden error.
The .htaccess file is responsible for determining how the Apache servers process the client request. Whenever the user modifies the file to achieve some functionalities could result in situations that could cause 403 Forbidden error.
If your 403 Forbidden error is due to the .htaccess file, then it is quite easy to fix this issue.
1. Access the root directory of the website by FTP or by File Manager WordPress plugin.
2. Click on the .htaccess File and Delete the file.
3. Once you remove the file, login to your WordPress Admin and navigate to the Settings menu.
4. Select the Permalink menu under the Settings menu. Click on Save Changes, and this will create a new .htaccess file.
Visit your website and ensure that everything is working correctly.
Method 3) Deactivate/Reactivate your Plugins
If the reason behind the 403 Forbidden error is a faulty plugin, then you have to deactivate all the plugins to check which one is the culprit.
There are two ways you can deactivate plugins.
1. Using the Plugins Menu in your WP dashboard: Need to navigate to WordPress Admin and click on plugins menu. Now, select all the plugins and choose to deactivate from the drop-down and click on apply.
2. By FTP : While FTP is quite faster, so we recommend deactivating the plugins through FTP. All you have to do is to rename your plugins folder.
Once done, proceed to check whether the error is gone or not. If yes, restore the folder’s name and find the culprit responsible for your 403.
The 403 Forbidden error is very annoying. There are chances that if you ever run across this issue, you will be able to fix it within a fraction of time. We hope this article helps you.