What is 403 FORBIDDEN ERROR IN WORDPRESS?
The 403 Forbidden error code is shown to a web browser when your web server permissions don’t allow access to a specific WordPress page. It means that you do not have permission to view the requested file or resource. A 403 Forbidden error is a particular type of error that occurs when you are trying to access a URL.
This article guide you on how to troubleshoot and fix Wordpress 403 Forbidden error.
There are different scenarios when you can see this error on the browser:
- 403 Forbidden – When you install WordPress.
- 403 Forbidden – Access denied on WordPress login page or wp-admin area.
- Access denied or 403 Forbidden error – While visiting any page on your WordPress site.
- It is also possible that you only see ‘Access Denied’ instead of 403 Forbidden error.
- You can also see that ‘Access to yourdomain.com denied. You don’t have permission for viewing this page’.
The following are the common causes of 403 Forbidden error:
- 403 Forbidden error encounters while trying to use a fraudulent document to handle the web request.
- You don’t have permission to access file/folder on the server. Every file and folder in the website requires proper access privilege to read, write and execute for the site to work fine. By default, the permissions for WordPress folders should be 755 and files should be 644. If the permissions are wrong, the site will give 403 error.
- Access denied on wp-admin or WordPress login page.
- Corrupt .htaccess(in Linux)/.web config(in Windows) file.
- Incompatible or faulty Wordpress plugins.
- Empty httpdocs (WWWROOT/public_html) directory.
- No WordPress index page found. The home page for your Wordpress must be called index.html or index.php file.
NOTE: Before going further, it is an excellent way to take the backup of the entire Wordpress website.
Fix 1: Deactivate faulty WordPress Plugins:
You need to deactivate all WordPress plugins to identify the problematic plugin; it helps to resolve the error.
- First, Login to Wordpress and go to Plugins.
- Deactivate all plugins which installed on your WordPress. It site works then you need to find out plugin which produces an error.
- Re-activate one of the plugins on your list.
- Visit the site to see if the 403 error is displayed or not.
- Repeat steps two and three until the 403 error reproduced in the browser. It is the problematic plugin that is causing the problem. You may need to change its configuration settings from a file or remove it from Wordpress. You can rename that particular plugin folder from file manager of your hosting Control Panel OR FTP connection to your Wordpress hosting space.
If you deactivate all of your plugins and the 403 forbidden error still displayed, then the problem may not be due to plugins. You’ll need to investigate other solutions.
Fix 2: Deactivate Themes:
You can deactivate the theme from your cPanel or via FTP, go to the path wp-content/themes/ and rename all of Wordpress theme folders in the same fashion as described for plugins above, except for a WordPress default theme. Now, your site to see if the error is gone, one of the theme you installed was the culprit.
You can also go to your admin dashboard and activate each theme one-by-one under Appearance > Themes > All Themes. By doing this, you can identify the theme which is causing the error.
Fix 3: Remove corrupt .htaccess File:
Many times, 403 error is caused by a corrupt .htaccess file in your WordPress sites so, you can repair this file to fix the issue. First, you need to connect to your website using an FTP client or file manager from your cPanel.
- First, locate the .htaccess file in the root folder of your WordPress site and download it to your local computer so that you have a backup of it on a secure side. After that, you need to delete/rename the file from your hosting space of Wordpress.
- Again check if 403 forbidden error resolved, then this means that your .htaccess file was corrupt. Alternatively, you can generate a new .htaccess file from your file manager.
Fix 4: File Permissions/Ownership:
What is the file owner?
Every file and directory on the Linux system is assigned 3 types of the owner, User, Group and Other.
- User: By default, a user is the owner of the file who has created it.
- Group: A user-group can contain more than one user. All users belonging to a group will have the same access permissions to the file.
- Other: Any other user who has access to a file. This person neither created that file, nor he/she belongs to a user group.
What are permissions?
Every file and directory in the Linux system has three permissions defined for all the 3 owners.
- Read: This permission allows you to open and read a file.
- Write: The write permission allows you to modify the contents of a file.
- Execute: In a Linux system, you cannot run a program unless the execute permission set for that.
A 403 Forbidden error can also cause by incorrect ownership or permissions on your Wordpress web files and folders. If the above two solutions do not resolve the error, then incorrect file permissions might be the cause.
- You need to connect to your WordPress site using an FTP client OR from file manager in cPanel. After that, navigate to the root folder containing all your WordPress files.
- Now, right-click on file/folder to change the permission. In the File manager, right click on the folder/file name and select Change permissions.
- All folders on your WordPress site should have a file permission of 755 or 744.
- All files on your WordPress site should have a file permission of 644 or 640.
- Once you do this, try to surf your website now, and 403 forbidden error should resolve. If you think that you have some difficulties to change the permissions, you can contact your hosting provider and ask them to assist further.
Fix 5: Firewall or Security Plugins:
Wordpress 403 error also occurs due to firewall or other security plugins. If the 403 error persists, check to see if the firewall is preventing access to any web pages. Check if your IP blacklisted by your firewall or security plugin. Turn off your server firewall and disable security plugin, clear your browser cache and try to access your website.
Fix 6: Hacked Wordpress:
It is possible that your website is compromised/hacked. In this case, you could fix your hacked WordPress site by restoring it using the latest backup. If the problem is still continuous, you should clean up your WordPress site manually OR install a fresh Wordpress. You can engage your hosting service provider in this case.
Fix 7: Log Out Wordpress Site Login Session:
In some cases, a browser may fail to send correct credentials to the site, that's leading to a forbidden error. If your website requires user authentication, it’s important to log out after you have cleared the cookies, then log back in.
Fix 8: Downgrade Recent Installed Updates:
If the error appears immediately after updating the Wordpress to the latest updates, Reverting to downgrade to older versions may help to solve the problem.
Some Other Resolutions:
- The previously mentioned practices are the best solutions you would like to do once you have experienced this forbidden 403 error. However, if the issue still can't be fixed, you can contact your web hosting provider. Sometimes, this error might cause due to wrong server configurations and security settings determined by your web host.
- It is possible that your IP address blocked in the web server firewall. You can also check the IP restriction rules on the server firewall.
Backup your site content, check your Wordpress plugins, check your Wordpress .htaccess file, check your Wordpress file permissions.
By following the methods listed above, we hope that you can get rid of the 403 forbidden error and bring your website back.