How to Fix the 403 Forbidden Error (8 Methods)

When you access an empty website directory or a page with a permission error, you may see the 403 forbidden error. This is because the majority of websites are configured to block directory browsing so that attackers cannot access sensitive files.

Nonetheless, if you or your users experience this mistake on your website, it is essential to resolve the issue or you risk losing critical traffic. There are numerous approaches for resolving 403 problems as their reasons differ.

We will describe the various forms of 403 prohibited errors, their potential causes, and eight solutions for fixing the mistake.

Causes of 403 Forbidden

Frequently, HTTP 403 prohibited errors are caused by a client-side access misconfiguration, thus you can typically remedy the issue yourself.

The file or folder permission settings, which determine who may read, write, and execute the file or folder, are a common cause of these issues.

There are two possible explanations for this situation: either the website owner changed the settings so that you could not access the resources, or they did not set the proper rights.

The second typical cause is corrupt or incorrect.htaccess file settings. This may occur after you have modified the file. Creating a new server configuration file is thankfully an easy solution to the problem.

Other than these two main causes, the following are possible error triggers:

How to Fix the 403 Forbidden Error

Due to the strong relationship between the HTTP 403 prohibited error and file access rights, this will be the primary emphasis of the following solutions. However, there are further solutions to this problem, such as emptying the browser’s cache or screening for malware.Let’s examine each of the eight alternative solutions for HTTP error 403 in in detail.

Please note that while this article focuses mostly on WordPress, the procedures can also be applied to other websites.

Also Read: 4 Ways to Fix Error 404?

1. Check the .htaccess File

You may be unfamiliar with the.htaccess file because it is frequently hidden in the site directory. If you use Hostinger File Manager, however, the file will be accessible under the public html directory.

Follow the steps below to find it:

  1. Find the File Manager on the hPanel dashboard.
hPanel showing where to find the File Manager.
  1. Open the public_html directory to find the .htaccess file.
hPanel showing where to find .htaccess.

If you use cPanel, follow these steps:

  1. Locate File Manager on cPanel.
cPanel showing where to find the File Manager.
  1. In the public_html directory, look for the .htaccess file.
cPanel showing where to find .htaccess.
  1. If you can’t find the file, click on Settings on the top-right corner of the screen and enable the Show Hidden Files (dotfiles) option.
cPanel's preferences, showing how to enable the hidden files (dotfiles) option.

The .htaccess file is a server configuration file and mainly works by altering the Apache Web Server settings.

Although the file is present on most websites by default, you need to create a new .htaccess file manually if your website doesn’t have it or if it was deleted unintentionally.

Now that you have found the file, follow these steps to check whether a wrong configuration is causing the error:

  1. Right-click on the file and select Download to create a backup.
.htaccess file, showing where to find the download option.
  1. Once you have the backup, delete the file.
Window asking are you sure to delete .htaccess where you should press the red delete button
  1. Try accessing your website. If it works fine, this indicates that the file was corrupted.
  2. To generate a fresh .htaccess file, log in to your WordPress dashboard and click on Settings -> Permalinks.
  3. Without making any changes, click the Save Changes button at the bottom of the page.
WordPress dashboard, highlighting the Save Changes button.

This will generate a fresh .htaccess file for your website. If this didn’t solve the issue, try the next method.

Also Read: How to Check the Java Version using CMD on Windows PC?

2. Reset File and Directory Permissions

Incorrect permissions for files or folders is yet another potential cause of HTTP 403 failures. By default, when files are created, they are assigned precise file permissions that govern how they can be read, written, and executed.

Using FTP will let you edit file and folder permissions. To begin, you should:

  1. Configure an FTP client and connect it to your website.
  2. Once connected, right-click public_html and select File Attributes.
Screenshot from the FTP client showing where to find public_html file and File Attributes.
  1. Enter permission 755 in the Numeric value field, select Apply to directories only, and press OK.

The general practice for file permission numeric values is using 755 for folders644 for static content, and 700 for dynamic content.

Screenshot from the FTP's file attributes showing the numeric value at 755 and the apply to directories only option.
  1. After changing folder permissions, repeat step 2 and step 3, but now enter 644 in the Numeric value field and select the Apply to files only option.
Screenshot from the FTP's file attributes showing the numeric value at 644 and the apply to files only option.

Once done, try accessing your website and see if the error is resolved.

3. Disable WordPress Plugins

If you’ve reached this point and none of the preceding solutions have worked, the error is likely caused by an incompatible or defective plugin. In this step, we will test to see if removing plugins resolves the 403 disallowed issue.

We propose removing all plugins simultaneously as opposed to disabling them one by one. Using this strategy, you should be able to identify the issue and develop a remedy. Here is what is required of you:

DSisabled-plugins folder,

4. Upload an Index Page

The name of your website’s homepage should be index.html or index.php. If not, there are two possible alternatives. Renaming the homepage to index.html or index.php is the first and simplest option.

Upload an index page to your public html directory and create a redirect to your existing site if you choose to maintain the present homepage’s name.

  1. Upload an index.html or index.php file to your public_html directory. Use your hosting account’s file manager or FTP to do so.
  2. Open the .htaccess file.
  3. Insert this code snippet to redirect the index.php or index.html file to your existing homepage. Don’t forget to replace with the page’s actual name.

Also Read: Top 7 Ways to fix Gmail in iPhone

5. Edit File Ownership

Incorrect file ownership can result in the 403 prohibited error when using Linux or a VPS.

Files and folders can typically be assigned to an Owner, a Group, or both. Remember that SSH access is required to modify ownership in these setups. Additionally, an SSH terminal is required to connect to the VPS.

Once you’ve connected SSH to your website’s server, use the following SSH command to verify ownership:

6. Verify the A Record

The 403 prohibited error can also occur if your domain name points to an incorrect IP address where you lack access to see the content. Consequently, verify that your domain name resolves to the right IP address.

  1. Log in to your hPanel.
  2. Go to the Advanced section and click on DNS Zone Editor.
Advanced section on hPanel, highlighting the DNS Zone Editor
  1. You will see a list of DNS records. Find a record with the label A in the type column.
List of DNS records
  1. Check the IP address on the Content column.
  2. If it’s pointing to the wrong IP address, click Edit to change it. Once you’ve finished, click Update.

If you don’t find the correct record, create a new one from the Manage DNS records section. Make sure you select as the Type and insert the correct IP address into the Points to field. Then, click Add Record.

Manage DNS records window

If you have recently migrated from one web host to another and forgot to change your nameservers, your domain may still be pointing to your old web host. Once the old host cancels your account, it will cause a 403 error status code.

7. Scan for Malware

Malware can also result in the 403 error. If malicious software infects your WordPress site, it may continually insert unwanted code into the.htaccess file. Thus, the error will stay even if you continue to fix the file using the first technique we gave.

Examine your website for any malware. There are numerous WordPress security plugins, such as Sucuri and Wordfence, for this purpose.

The majority of WordPress security plugins, such as WordFence, can eliminate malware. Once the plugin has identified all infected files, you will be presented with options for removing or restoring them.Restoring the website using backup files is another option. If you don’t have a complete backup of the site files, it is also feasible to restore it using the database backup.

Also Read: How to Fix Hotspot Problem in Android?

8. Clear Your Web History/Cache

Your browser’s cache and cookies may also produce a 403 error. Cache caches information to make a website load more quickly the next time you visit. However, it’s likely that the website’s link has been altered, and the actual web page link is now different from the cached version.

Another option is that the mistake comes from the cookies. You may generally log in normally to a website, but your most recent login attempt resulted in this error message.

Clearing browser cache and cookies should cure this issue. Note that deleting the cache may result in a lengthy subsequent visit to the website, since the browser will request all the site’s files again. Clearing the cookies also signs you out from all logged-in websites.

Follow these steps to clear the cache and cookies on Google Chrome:

  1. Click on the three-dot icon on the top right corner and select Settings.
  2. Find the Privacy and security section and click Clear browsing data.
Google Chrome's privacy and security settings
  1. Use the drop-down menu to select the time frame for data deletion. Then, check the Cookies and other site data and Cached images and files options.
Clear browsing data settings - time range, browsing history, cookies and other site data, and cached images and files
  1. Click Clear data.

Once you’ve completed all the steps, try revisiting the website and logging in if it requires you to do so. If this or any other solutions don’t work, we recommend contacting our support team via live chat to resolve this issue


Because they prevent you from accessing a resource, 403 prohibited errors can cause a significant lot of aggravation. There are various additional potential causes, such as a missing index file, defective plugins, or even a malware infestation, in addition to wrong file permissions.

Finding the actual source of 403 issues might be challenging. However, if you follow the steps outlined in this post, we are certain that you may restore your website’s functionality.

To summarise, these are the steps you must perform to remove the 403 error notice from your WordPress website:

  1. Check the .htaccess file.
  2. Reset file and directory permissions.
  3. Disable WordPress plugins.
  4. Upload an index page.
  5. Edit file ownership.
  6. Verify the A record.
  7. Remove any malware.
  8. Clear the web browser history and cache.

The 403 forbidden error is just one of many HTTP error codes. As a website owner, you may have encountered other client-side errors such as the 404 error or server-side errors like the 504 gateway timeout.

We encourage you to keep learning about these errors so that you know how to handle them if they ever appear on your website.


Leave a Comment