You may have encountered an error message with the word “Forbidden” while trying to open your WordPress website. Probably you have no clue what it was all about. But it is a common error with websites and results in the downtime of a page or an entire site. Your WordPress site may throw the errors, especially when you open a page or link on the website.
WordPress 403 forbidden error is a risky error for your WordPress site. It can be even severe if you are a WordPress beginner. However, you need not worry. There is a way you can fix it. A file located in the .htaccess may be corrupt, and that is what causes the error. Once you drop the corrupt file, your WordPress site becomes operational again. You do not want to lose out on business due to some unexpected downtime on some web pages on your website. A few minutes to an hour of downtime reduces the user experience and can lead to many clients’ loss. This is in case you have monetized your account through e-commerce, advertising, or through ad campaigns.
We invite you to read on and get some invaluable insights into the WordPress 403 forbidden errors.
What is 403 Forbidden Error? – Access Denied in WordPress
This error indicates that your web server has declined to process the request from your browser due to permission issues. Until you have proper permission settings, the webserver will not handle the request. You can see some codes showing the cause of the error whenever your WordPress website has errors.
The error code appears when server permissions on your site do not allow your users access to a page on your website. The error usually appears in this format.
- “403 Forbidden – You don’t have permission to access
- ‘/’ on this server. Additionally, a 403 forbidden error was encountered while trying to use an Error Document to handle the request.”
- Whenever your WordPress website has error messages, there are some codes that are shown regarding the reason for the error. One such error is the 403 forbidden error WordPress.
- Essentially, this error code is shown on WordPress when server permissions on your site do not allow your users access to a webpage on your site. The error is normally shown in this format.
- “403 Forbidden – You don’t have permission to access ‘/’ on this server.
- Additionally, a 403 forbidden error was encountered while trying to use an Error Document to handle the request.”
Variations of 403 Forbidden Errors
Many variations of this error exist. Here are some of the common examples your website may throw.
- HTTP 403
- 403 Forbidden
- HTTP Error 403- Forbidden
- Forbidden: You don’t have permission to access (directory) on this server.
- Error 403 – Forbidden
- 403 Forbidden: Access is denied.
Whichever 403 Forbidden error you may run into has a solution. There is a couple of things you can try out to fix and get your WordPress site back to normal. Note that if the error stems from changes in web server settings, the solution can only be from that end.
How 403 Forbidden errors affect Search Engine Rankings?
Your site’s search engine ranking will begin to scale down if you do not fix these errors. What happens is that the errors inhibit the indexing of affected pages on search engines. So, it results in the expunging of the pages from the search engine index. And once search engines stop indexing your content, the ranking radically nose-dives.
Always track the analytics, webmaster data, and search console of your web for such errors. You can do so by logging into the Google search console and selecting your website. Then go to Index and click on Coverage. See the next screenshot. You should be able to see the error status indicating the total number of errors present. You can also see what type of errors they are and thus try to fix them to avert the odds of your site ranking below par.
Pro Tip: Always update your site’s XML sitemap. Do it in the search console. Additionally, you can also use a plugin for redirection in case you changed your URL. Redirect the old link to your current one.
What causes 403 Forbidden Errors in WordPress?
The 403 forbidden errors occur due to varied reasons. You will bump into these errors if you do not configure your WordPress Security plugins the correct way. The plugins can block IP addresses on the suspicion that they could be malicious. It could also be as a result of the changes and updates your web hosting company implements on their server. Another likely cause could be a corrupt .htaccess file. And again, incorrect permission settings may occasion the 403 forbidden errors.
How to solve 403 Forbidden Error in WordPress?
First, ensure that you create some backup for all the data you have stored on your WordPress site. You can do so by following this guide. Alternatively, if you have a plugin for your WordPress to help with the backup of files, you can use it.
Let us see how you can fix some of the typical 403 Forbidden errors you may encounter while on your WordPress site.
- File permissions issues
- Password protected directories
- Issues with .htaccess file
- Faulty WordPress Plugins
- Temporarily deactivate CDN
- Improper hotlink protection configuration
- Do away with mod security
- Clear cookies and your browser cache
- WordPress multisite
See More:- Keys to Secure Your Gmail Account
File permissions issues
Your WordPress folders and files need different permissions. These are permissions to view the contents of a folder, make changes to the files in the folder, or execute them. There is a level of permission in the form of a number comprising three digits. It is these permissions that dictate what one can do on the folders and files on your website. And if the permissions are not set correctly, you will run into a 403 Forbidden error. You can use your FTP client to set the permissions. You select a folder, right-click on it, and select File Permissions, as you can see in the next illustration.
You should be able to see a dialog box like the one below.
Set the permission to either 744 or 755. Ensure the permission for all files on your website is either 640 or 644. As for the root folder, set the file permission to either 744 or 755. Additionally, there are two options you need to activate. These are the “Recurse into subdirectories” and “apply to directories only.” Just check the checkbox and click the radio button, respectively and click Ok. Your FTP client will set permissions to the files found in that particular folder.
You have to repeat the process for all files. This time around, you have to set the permission to 640 or 644. Be sure to activate “Recurse into subdirectories” and “apply to files only.” If the error was due to incorrect permissions, and it should be gone now.
Directories With Password Protection
Use the correct username and password if your WordPress directories have password protection. Providing wrong credentials could spark the 403 Forbidden error. The error may persist even when credentials are correct. In that case, clear the information you provided when configuring the directories. And then try setting the credentials again. That should do you the trick.
Issues with .htaccess file
A corrupt .htaccess file may result in a 403 Forbidden error. You can solve it by repairing the file. The Apache web server uses the .htaccess file to control access to your website and configure redirects. Minor alterations in the configuration settings may trigger a major 403 Forbidden error. The easiest trick around it is to create a new .htaccess file. You can do so by following this procedure:
- Use FTP to connect to your server
- Navigate to your root folder and locate the .htaccess file.
- Download the file so that you have a copy on your computer just in case.
- Now that you have a backup copy of the file on your computer, delete the .htaccess file.
The next step is to let WordPress create a new .htaccess file. This is how you do it.
- From your WordPress dashboard, go to settings and select Permalinks.
- Scroll down the Permalinks settings page and click on the Save Changes button.
WordPress will generate a new .htaccess. See the next screen for more understanding.
Now that WordPress has created a new .htaccess file, you should be able to access your website. That is if, at all, the error resulted from a corrupt .htaccess file.
Faulty WordPress Plugins
Your WordPress plugins can also ignite the 403 Forbidden error. Some plugins may contain bugs or be incompatible with other plugins. So, go to your WordPress dashboard and hover over the plugins option. Then select Installed Plugins to display all the available plugins, and do as follows:
- Deactivate all plugins.
- If that solves the problem, it means a faulty plugin caused the errors.
- Activate your plugins back one at a time, and you will get to know what caused the 403 forbidden error.
In case you cannot access your WordPress dashboard, use FTP or SFTP to connect to your site’s server. After connecting to the server, do the following:
- Navigate to the WP-Content folder.
- Locate the plugins folder within the WP-Content folder.
- Rename the plugins folder. Right-click on it and select Rename. Give it a name you can remember.
Changing the folder’s name disables all plugins in your WordPress website. Next, try to access your site. If the site works, it goes without saying there is a plugin causing the error. So, begin reactivating your plugins one at a time as your test the site until you get the guilty party. You will see an error showing that the plugin file is missing after renaming the plugins folder. That is when you go to the plugins option on your WordPress dashboard.
Once you have found the faulty plugin, deactivate it. Then use the FTP tool to change the name of the folder back to the former name. That is plugins. After doing that, you will be able to see your plugins again. Note that they will not be active.
Use the Activate button to reactivate your plugins one by one. You can try to install a different plugin that performs the same function as the faulty one. You may as well contact the developer of the faulty plugin for help.
Temporarily Deactivate CDN
Your content delivery network can also cause the 403 Forbidden error. So, disable it temporarily and check if the error is gone. Enable it if the error persists. The problem is not CDN.
Improper Hotlink Protection Configuration
Someone may add an image to your site and live the hosted link pointing to another website. That is what we call hotlinking. Set up hotlink protection with your CDN provider to avert the odds of that happening. You can as well do it with your WordPress host. Upon enabling hotlink protection, it will throw a 403Forbidden error. So, it is worthwhile ensuring you configure your hotlink protection the right way.
Some servers use Mod security for security purposes. It is an open-source firewall. And it causes the 403 Forbidden error on occasion if you misconfigure it. Therefore, remove the firewall and test your website to see if it works. To remove mod security, add the following code to the .htaccess file. Use your FTP client and add the code at the top of the file.
- <IfModule mod_security.c>
- SecFilterEngine Off
- SecFilterScanPOST Off
Note: Remove the code if it does not fix the error. Failure to remove it may result in security problems.
Clear Cookies and your Browser Cache
Clearing cookies and your browser cache can resolve the 403 Forbidden error. You can clear all cookies by going to your browser history and clearing it. See the next screenshot.
Select Clear browsing data. You will see a screen similar to the following.
Also, you can read WP Rocket Review: The Best Cache Plugin to WordPress
Check the box next to Cookies and other site data and hit Clear data. That wipes all cookies from your browser. And if you want to clear cookies and cache data from a specific time, select the time range. The available options are Last hour, Last 24 hours, Last 7 days, and Last 4 weeks.
Creating a wildcard subdomain in WordPress multisite installation causes the 403 Forbidden error. So, check your subdomain and change the wildcard setting. What’s more, check the subdomain redirects.
WordPress 403 Forbidden errors can be so nagging. While the cause is not the same, you can get a solution to whichever error you may bump into. We hope this article will help you fix most of these errors. And your website downtime will reduce if you pay heed to the various solutions the article covers. Be sure to keep an eye here for more tips in the future. Feel free to reach out to us should you need help related to the errors we have discussed.
Still, experiencing Issues? We are here for you
Feel free to contact us if the solutions we have discussed in this article do not solve your problem. We offer 24/7 support services. We would be glad to help.
Here are a few more topics that you shouldn’t miss:
Keys to Secure Your Gmail Account
How to change WordPress Admin to Login URL for Improved Security
Sucuri: Free Malware Scanner
Like this post? Don’t forget to share