What is the 403 Forbidden Error & How to Fix It

403 error

You can usually resolve the issue yourself because client-side access misconfigurations frequently cause HTTP 403 forbidden errors. The 403 forbidden errors can be caused frequently by the folder or file permission settings that generally control permission pertaining to who can read, write or operate such folder or file.

This can be one of two scenarios: either the website owner has modified the rights so that you can’t access the resources, or they’ve misconfigured them.

Corrupt or improper settings in the.htaccess file are the second typical cause. After you make modifications to the file, this could occur. Fortunately, the problem may be quickly fixed by simply writing a new server configuration file.

What is a 403 Forbidden Error?

403 forbidden error

The 403 Forbidden error would generally happen when a web server prevents a user from accessing the web page through a web browser. The HTTP status code the web server uses to identify the mistake leads to the term “403 error.”

The error might take many different forms, and there are many reasons why the web server has blocked access. It is displayed in a variety of ways and its causes are discussed below.

Most Frequent 403 Forbidden Error Messages

Webmasters can alter the 403 error’s presentation just like other problems. The used web server has an impact on its contents as well. This explains why various 403 error pages can be found on various websites.

Typical 403 error messages include:

  • 403 Forbidden
  • HTTP 403
  • 403.14 HTTP Error – Forbidden
  • 403 Forbidden error
  • Error 403: Forbidden
  • Forbidden: You don’t have permission to access [directory] on this server
  • 403 Error
  • Error 403
  • Forbidden
  • HTTP Error 403 – Forbidden

Why Do 403 Forbidden Errors Occur?

The following are potential causes of the 403 Forbidden error:

  • Faulty WordPress plugin: The 403 errors may be caused by a WordPress plugin that is not configured properly or that is incompatible with another plugin.
  • Incorrect IP address: The domain name resolves to an outdated or incorrect IP address that now hosts a website that prevents you from accessing it.
  • Infection with malware: A malware infection may result in a persistent corruption of the.htaccess file. Before restoring the file, you must get rid of the infection.
  • New website link: The link to the page may have been altered by the site owner and is now distinct from the cached version.
  • Empty website directory: The 403 error appears if neither an index.php nor index.html page exists.
  • Missing Index Page: The error can appear again in case the homepage’s name id, is not index.php or index.html.
  • Permission/ownership errors: The 403 error is brought on by improper ownership or permission settings.
  • Malware infection: Malware-infected files have the potential to continually corrupt the.htaccess file.

Steps to Fix 403 Forbidden Errors

Let’s examine each solution to the HTTP error 403 in more detail. Some of the ways to fix the forbidden errors are:

1. Examine the.htaccess file

Since the.htaccess file frequently remains hidden in the site directory, you might not be familiar with it. The file is, however, automatically accessible in your public HTML directory if you utilize File Manager.

Use cPanel and take the following actions:

  • On cPanel, find File Manager.

cPanel file manager

  • To find the.htaccess file, look under the public HTML directory.


  • For enabling the “Show Hidden Files” option, in case you fail to locate the file, you can choose Settings in the top-right corner of the screen.

show hidden files cPanel

The.htaccess file mainly impacts Apache Web Server settings as a server configuration file.

Even though most websites get the file by default, if your website does not have one or if it was inadvertently deleted, you must manually create a new file.

  • Right-click on the file and select the ‘download’ option to create a copy.

download htaccess

  • After you have the backup, delete the file.
  • Try accessing your website, and if you can access it easily, then there are chances that the file was corrupted.
  • Then Log into your WordPress dashboard and select Settings -> Permalinks to create a new.htaccess file.


  • Then, without making any adjustments, click the “save changes” button at the bottom of the page.

A new.htaccess file will be created for your website as a result. Try the following approach if this doesn’t make the problem go away.

2. Directory Permissions

Incorrect file or folder permissions are another factors that could result in HTTP 403 problems. Usually, when a file is created, it has a set of default file permissions that govern who can read, write, and execute it.

You can change file and folder permissions by utilizing FTP. To start, you ought to:

  • Set up and link an FTP client to your website.
  • After connecting, select File Attributes by right-clicking public HTML.

FTP file attributes

  • Select Apply to directories only, type permission 755 in the Numeric value area, then click OK.

Generally speaking, folders should have a file permission value of 755, static content should have a value of 644, and dynamic content should have a value of 700.

ftp directory permissions

  • Repeat steps 2 and 3 after modifying the folder permissions, but this time enter 644 in the Numeric value area and choose the Apply to files only checkbox.

After that, try visiting your website to see if the issue has been fixed.

3. Turn off any WordPress plugins

If you’ve made it this far and none of the previous fixes has worked, there’s a good possibility that the issue results from a malfunctioning or incompatible plugin. This step involves trying to disable plugins to see if doing so resolves the 403 prohibited error.

Instead of removing the plugins one at a time, it is advisable to remove all the plugins at once. You can make use of this method for identifying the issue and then search for the solution. What you must do is as follows:

  • Log into your hosting account using FTP or the file manager, then navigate to the public HTML -> wp-content folder.
  • Locate the folder for plugins.
  • For disabling all the plugins, you need to rename the folder to a different name, such as “disabled plugins.”

Try revisiting the website. A malfunctioning plugin is the true cause of the error if it has vanished.

Rename the folder to plugins once more. You must now disable each plugin individually from your WordPress dashboard while checking to see if the website is still operational. You will be able to identify the problematic plugin in this manner.

Once you’ve located it, either delete it or update the plugin as necessary. However, if you see the problem persisting even after that, you need to check with the hosting company for assistance.

4. Run a malware check

The 403 error is usually caused by a malware attack. It’s possible for malicious malware to continuously inject undesirable code into the.htaccess file on your WordPress website. In this manner, the issue will continue to occur even if you keep repairing the file using the first technique we described.

Malware may be eliminated by most WordPress security plugins, including WordFence. Once the plugin has identified all affected files, you’ll have options for these files, such as removing or restoring them.

Another approach is to use backup files to restore the website. In case you do not have an entire backup of the site files, then you can find them using the database backup.

5. Delete Your Web Cache and History

A 403 error could potentially result from the cache and cookies of your browser. For a website to load more quickly the next time, you visit it, cache caches data. However, the website’s link is likely changed, making the cached version no longer correspond to the actual web page link.

The problem could perhaps originate from the cookies. On a website, you might typically log in normally, but your most recent effort to log in resulted in this error notice.

There also is another way of fixing the problem which is by deleting the cache and the cookies from the browser. The next time you visit the page, be aware that it can take a while because your browser will have to download all the site files again if you delete the cache. By deleting the cookies, you log out of all open websites.

Clearing the cache and cookies in Google Chrome requires the following steps:

  • Select the three dots on the top right corner for selecting the ‘Settings’ option.
  • Go for the Clear Browsing Data link under the Privacy and Security section.clear browsing data
  • To choose the time period for data deletion, use the drop-down option. Check the choices for Cached images, files, Cookies, and other site data afterward.clear data
  • Click on Clear Data.

After you have followed through the steps, go back to the website and log in if required. In the event that none of the previously mentioned fixes work, we advise contacting our support team via live chat to get this problem fixed.

6. Check the A Record

If your domain name resolves to the incorrect IP address and you do not have permission to read the content, you may receive the 403 Forbidden error. Check it again if your domain name points to the right IP address.

Access the DNS Zone Editor on your hPanel to verify that the domain A record is pointed correctly.

Create a new record from the Manage DNS records section if you can’t find the right one. Make sure you put the right IP address in the Points to field and choose Type A. Click Add Record after that.

Your domain would point to your former web host if you have switched from one web host to the other recently and would have failed to change the nameservers. Your account will be terminated by the old host, which results in a 403 error status code.


The finest user experience and reliability are provided by high website availability. Therefore, website owners work to ensure that their site is always accessible and spend money on website maintenance services. For retaining your visitors to your site, it is essential to prevent or immediately fix HTTP issues. You ought to be able to quickly resolve the 403 Forbidden problems and keep your business operating after following this article.