{"id":5797,"date":"2020-03-26T15:00:29","date_gmt":"2020-03-26T14:00:29","guid":{"rendered":"https:\/\/qodeinteractive.com\/magazine\/?p=5797"},"modified":"2020-10-15T10:29:11","modified_gmt":"2020-10-15T08:29:11","slug":"how-to-fix-403-forbidden-error-in-wordpress","status":"publish","type":"post","link":"https:\/\/qodeinteractive.com\/magazine\/how-to-fix-403-forbidden-error-in-wordpress\/","title":{"rendered":"How to Fix the 403 Forbidden Error in WordPress"},"content":{"rendered":"

[vc_row][vc_column][vc_column_text]The infamous 403 Forbidden Error is one of the most perplexing and common errors a WordPress user may experience. It can happen in any of the following situations: when you\u2019re logging to your site, editing or viewing pages and posts, and during WordPress installation or site migration.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]This error can be hard to wrap your head around since it can happen in a bunch of unrelated situations. At the same time, the error message is pretty short on information, plainly stating that \u2018\u2019You don\u2019t have permission to access… \u2019\u2019. Variations include the following phrases: access is denied, forbidden, not allowed to access, not authorized to view, etc.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]Here\u2019s an example of one of the many error variations.[\/vc_column_text][vc_empty_space height=”50px”]

\n
\n \"Forbidden <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]Luckily, troubleshooting is far easier than it might seem at first glance. In this tutorial, we will cover all the steps that have been proven to solve the issue. We\u2019ll start with the most common causes and solutions, but we will also deal with some lesser-known cases of the 403 error.[\/vc_column_text][vc_empty_space height=”68px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

How to Fix 403 Forbidden Error in WordPress<\/h2>\n

[\/vc_column_text][vc_column_text]For starters, we strongly recommend that you backup your WordPress site. If you have any questions about this process, contact your hosting provider.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]After you backed up your data, you are ready to investigate the possible causes and solutions to the 403 Forbidden Error.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

Creating a New .htaccess File<\/h3>\n

[\/vc_column_text][vc_column_text]The .htaccess file enables a number of server functionalities, but it can also be a source of issues that cause the 403 Forbidden Error. Fixing this file should solve the issue throughout the entire website.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]However, due to the all-encompassing nature of the .htaccess file and its importance to the site, finding the issue can prove to be quite difficult. To avoid the hassle of pinpointing it, the easiest way to get rid of the issue is to delete<\/strong> the current .htaccess file and create<\/strong> a new one.
\nYou can do this using an FTP client such as FileZilla.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]The .htaccess file is located in the root WordPress directory. However, it is often hidden, so you\u2019ll have to enable the option(s) for showing hidden files within the chosen FTP client. For the purposes of this tutorial, we used the FileZilla. In this FTP client, you\u2019ll enable access to hidden files by navigating to the Server tab and clicking on \u201cForce showing hidden files\u201d.[\/vc_column_text][vc_empty_space height=”50px”]

\n
\n <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]Make sure you download<\/strong> the .htaccess file to a location on your computer. This will allow you to keep any editing work previously done on the file in case you determine it is not the culprit of the 403 Forbidden Error.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]Save the file using the right-click<\/strong> and download.[\/vc_column_text][vc_empty_space height=”50px”]
\n
\n \"Download <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]Once you save the file, right-click<\/strong> on it and select<\/strong> \u201cdelete\u201d.[\/vc_column_text][vc_empty_space height=”50px”]
\n
\n \"Delete <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]At this point, the 403 error should be gone if a faulty .htaccess file is the culprit. Log in to your WordPress site and run the test.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]If the issue is still present, restore the backup .htaccess file saved on your computer. Simply upload<\/strong> the file to the same directory where it used to be.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]If the error is gone, create<\/strong> a new .htaccess file. Log in to your WordPress site, navigate to Settings > Permalinks<\/strong>, and click on \u201cSave changes,\u201d in the bottom left corner.[\/vc_column_text][vc_empty_space height=”50px”]
\n
\n \"Save <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]After creating the file, re-test the error. The way you\u2019re going to test depends on how the error was manifested. You can refresh the post or page, re-log to your dashboard, view the page or post once more, re-install WordPress, re-access certain folders, etc. The same should be done after each suggested step.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]If the error is still present, proceed to the next step.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

Fix 403 Error Caused by Incorrect File Permissions<\/h3>\n

[\/vc_column_text][vc_column_text]Another common cause for the 403 Forbidden Error is having incorrect permissions on all files and folders that form your WordPress site. Adjusting the permissions to their suggested values should solve it. You can do this manually, following the instructions we\u2019ll provide below. Alternatively, you can ask your hosting provider to do it on your behalf.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]Using file permissions, the server determines which users have the ability to read, write or execute. More precisely, file permissions determine the ability to view, edit and run the file as a script. Folder permissions define whether you can view the folder\u2019s content, add or remove the files inside or perform actions on the entire folder.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]The suggested permissions are:[\/vc_column_text][vc_empty_space height=”23px”]

    \n
  • \n\t
    \n For folders\/directories – 755 or 750 <\/span> <\/div>\n <\/li>\n<\/ul>
      \n
    • \n\t
      \n For files – 644 or 640<\/span> <\/div>\n <\/li>\n<\/ul>
        \n
      • \n\t
        \n For the wp-config.php file – 440 or 400<\/span> <\/div>\n <\/li>\n<\/ul>[vc_empty_space height=”10px”][vc_column_text]To change the folder permissions, connect<\/strong> to your server using an FTP client. Navigate<\/strong> to the folder containing your website\u2019s files, right-click<\/strong> on it and click<\/strong> on the \u201cFile Attributes\u201d option.[\/vc_column_text][vc_empty_space height=”50px”]
        \n
        \n \"File <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]In the numeric value box, insert<\/strong> either 755 or 750. Tick off<\/strong> both the \u201cRecurse into subdirectories\u201d and \u201cApply to directories only\u201d checkboxes.[\/vc_column_text][vc_empty_space height=”50px”]
        \n
        \n \"File <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]If you want to change the file permissions, follow a similar line of action. Go to the folder with the files you need, right-click<\/strong> it and select<\/strong> \u201cFile Attributes\u201d. Then, insert<\/strong> 644 or 640 in the numeric value box and click<\/strong> on the \u201cRecurse into subdirectories\u201d and \u201cApply to directories only\u201d checkboxes.[\/vc_column_text][vc_empty_space height=”50px”]
        \n
        \n \"File <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]To change the permissions of the wp-config.php file, find<\/strong> the file in the root WordPress directory. In our case, it is called public_html. Right-click<\/strong> on the file and select<\/strong> \u201cFile Permissions\u201d.[\/vc_column_text][vc_empty_space height=”50px”]
        \n
        \n \"File <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]In the numeric value box, insert<\/strong> 440 or 400.[\/vc_column_text][vc_empty_space height=”50px”]
        \n
        \n \"File <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]Now verify<\/strong> if the 403 Forbidden Error is solved.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

        Fixing 403 Forbidden Error Caused by a WordPress Plugin<\/h3>\n

        [\/vc_column_text][vc_column_text]If the previous 2 methods haven\u2019t solved the error, it is most likely that some of your WordPress plugins are the culprit. Luckily, it is very easy to test this possibility.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]Navigate to Plugins > Installed Plugins<\/strong> and deactivate them one by one. Run a test each time you deactivate a plugin. If the error is gone, you\u2019ll know that the last plugin you deactivated was the issue. If that\u2019s the case, you can either delete it and find another with the same\/similar purpose or contact the plugin customer support for help.[\/vc_column_text][vc_empty_space height=”68px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

        Additional Troubleshooting Steps<\/h2>\n

        [\/vc_column_text][vc_column_text]In most cases, the 403 Forbidden error should be solved using one of the 3 methods we described. In rare instances, however, the error can require additional troubleshooting. Let\u2019s look into these cases and possible solutions.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n

        Removing mod_security<\/h3>\n

        [\/vc_column_text][vc_column_text]Mod_security is an open-source firewall used by some servers for security purposes. Sometimes, it can cause the 403 Forbidden Error due to a misconfiguration. This issue requires you to remove the mod_security. You can do it yourself following the steps we laid out below, or you can contact your hosting provider for help.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]You can remove mod_security by adding<\/strong> the following code to the top of your .htaccess<\/strong> file via an FTP client.[\/vc_column_text][vc_empty_space height=”50px”][vc_column_text]<\/p>\n

        <IfModule mod_security.c> \r\nSecFilterEngine Off \r\nSecFilterScanPOST Off \r\n<\/IfModule><\/pre>\n
        [\/vc_column_text][vc_empty_space height=”39px”]
        \n    
        \n                                    \"Htaccess                        <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]If the error isn\u2019t resolved, delete the previously inserted code, as it may cause security issues.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n
        Reconfiguring Hotlink Protection<\/h3>\n
        [\/vc_column_text][vc_column_text]Hotlink Protection is an option in cPanel which prevents direct linking to your files from other sites. Those files are often images, so the 403 error could be manifested as an inability to view these images. Since this option is used to restrict access, the error is shown when you are unable to access a file (image) which should be accessible.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]To solve this issue, (re)configure<\/strong> your Hotlink Protection. Log in<\/strong> to cPanel using your credentials, scroll down<\/strong> to the Security section, and click<\/strong> on Hotlink Protection.[\/vc_column_text][vc_empty_space height=”50px”]
        \n    
        \n                                    \"Hotlink                        <\/div>\n<\/div>[vc_empty_space height=”38px”][vc_column_text]The only thing that remains is to carefully adjust the parameters. This usually means adding more file extensions to the \u201cBlock direct access\u201d box and ticking off the \u201cAllow direct requests\u201d checkbox<\/strong>. The file extensions should be separated with a comma. In the \u201cURLs to allow access\u201d section, check the list of sites and add the ones that are missing. Those sites are \u201cwhite-listed\u201d from the hotlink protection process.[\/vc_column_text][vc_empty_space height=”50px”]
        \n    
        \n                                    \"Reconfigure                        <\/div>\n<\/div>[vc_empty_space height=”82px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n
        Renaming the File<\/h3>\n
        [\/vc_column_text][vc_column_text]Uploading files to WordPress is an often overlooked instance when 403 Forbidden error (among others) might happen. To be more precise, this issue happens when you upload files with improper filenames. Quite often, they contain an apostrophe.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]To test this, rename<\/strong> the file manually. The filename should only use letters (excluding international language symbols), numbers, and dashes. Upload<\/strong> it and check if the issue is resolved.[\/vc_column_text][vc_empty_space height=”72px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n
        Contact Hosting<\/h3>\n
        [\/vc_column_text][vc_column_text]If you had no luck solving the error with the suggestions we gave you, contact your hosting provider and ask for further assistance.[\/vc_column_text][vc_empty_space height=”81px”][vc_separator color=”custom” accent_color=”#f0f0f0″][vc_empty_space height=”50px”][vc_widget_sidebar sidebar_id=”top-picks-banner”][vc_empty_space height=”28px”][vc_separator color=”custom” accent_color=”#f0f0f0″][vc_empty_space height=”80px”][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n
        Final Thoughts<\/h2>\n
        [\/vc_column_text][vc_column_text]Chances are you\u2019ve been able to regain access to your site, pages or resources using this tutorial. At the same time, you\u2019ve learned something new about this pesky issue.[\/vc_column_text][vc_empty_space height=”28px”][vc_column_text]Feel free to bookmark this 403 Forbidden Error troubleshooting guide! It\u2019ll surely come in handy whenever you face a similar problem. [\/vc_column_text][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"
        In this tutorial, we will show you how to fix the 403 Forbidden Error in WordPress based on more and less known causes of the issue.<\/p>\n","protected":false},"author":11229,"featured_media":5942,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[4,52,13],"class_list":["post-5797","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorials","tag-tips","tag-troubleshooting","tag-wordpress"],"_links":{"self":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/5797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/users\/11229"}],"replies":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/comments?post=5797"}],"version-history":[{"count":0,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/posts\/5797\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media\/5942"}],"wp:attachment":[{"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/media?parent=5797"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/categories?post=5797"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qodeinteractive.com\/magazine\/wp-json\/wp\/v2\/tags?post=5797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}