How to Fix a 403 Forbidden Error On Your WordPress Site
At some point, you may encounter the dreaded 403 Forbidden error message on your website. Don't panic! In this post, we'll show a few ways to fix a 403 Forbidden error issue on your WordPress site. What is a 403 Forbidden Error? The 403 Forbidden error message means something is preventing access to a certain portion of your website.
At some point, you may encounter the dreaded 403 Forbidden error message on your website. Don’t panic! In this post, we’ll show a few ways to fix a 403 Forbidden error issue on your WordPress site.
3. Deny orders in
Sections of code can be added to your Follow these instructions for attempting to clear out rules in your
What is a 403 Forbidden Error?
The 403 Forbidden error message means something is preventing access to a certain portion of your website. This could be due to file permissions on the page or an.htaccess
rule that blocks access or password protection for certain directories. If you’re running a WordPress website, it could be due to several things specific to WordPress.
What causes a 403 Forbidden Error?
Several things are usually the culprit if you’re seeing a 403 Forbidden error on your WordPress website. We’ll cover them one by one:- WordPress security plugins
- File/folder permissions
- Deny orders in your
.htaccess
file - Password protected directories
1. WordPress Security Plugins
Certain rules within your.htaccess
 file are one thing that can cause you to run into a 403 forbidden error. Typically, these rules are going to be put into place by a WordPress security plugin like iThemes Security that you may have installed. [pullquote]The first place to look when you come across a 403 forbidden error is your security plugin (whether that is iThemes Security or another plugin).[/pullquote]
If you aren’t sure what settings of the plugin would handle writing rules to .htaccess
, you can easily test by simply temporarily disabling the security plugin and then trying to access the section of the site that previously was not working.
Once the security plugin has been disabled, if you are able to access without a 403 error, then you will want to begin looking through your security plugin documentation for what could be causing the issue.
2. File/Folder Permissions
Another common cause of the 403 Forbidden error is incorrect file or folder permissions. [pullquote]Typically, with a website, you want all files and folders to be set with certain permissions. These are 775 for folders and 664 for files.[/pullquote] Now there are some files and other extenuating circumstances that can result in those needing to be different, but if you want your files or folders to be viewed via a web browser, you’re typically going to need those permissions.3. Deny orders in .htaccess
file
Sections of code can be added to your .htaccess
 file to prevent access to parts of your website based on certain parameters and thus could result in a 403 forbidden error. As mentioned before, many WordPress security plugins make use of this technique, so it is highly recommended that any security plugins you are using be tested and ruled out as the culprit first.
Once you’ve done that and if you are still having issues, disable the security plugin once more and review the .htaccess
 file for these Deny orders.
Follow these instructions for attempting to clear out rules in your .htaccess
file:
- 1. Disable all of your security plugins.
- 2. Access your site via SFTP.
- 3. Navigate to the /web/content folder and download the
.htaccess
file. You may need to navigate to the specific folder where you are getting the error and check for a.htaccess
file there as well. - 4. Open the
.htaccess
 file in your favorite text editor. - 5. Look through this file for any code that looks like this:
order deny,allow Deny from All Allow from 123.123.123.123
- 6. If you find a section with a Deny from rule, comment it out in order to test if that was the issue. (You can comment out a line in the
.htaccess
file by adding a#
> in front of the line. So if we use the example above, it would look like this:
order deny,allow #Deny from All Allow from 123.123.123.123
- 7. Once you comment out the line and find no others within the
.htaccess
file, upload it back to the directory. - 8. After the
.htaccess
file has been uploaded, test the site and see if you are still receiving the 403 error.
4. Password Protected Directories
Finally, you could also see a WordPress 403 error if you are currently attempting to use password protected directories on your website. If you are aware of password protected directories, ensure that you are using the proper username and password. If your credentials are correct, remove the information you added when setting up the password protected directories and try again.Fixing a 403 Forbidden Error
Hopefully, these techniques helped you track down and solve your 403 Forbidden Error. Most likely, if you’re seeing a 403 Error on your WordPress site, you can solve it quickly and easily by following these quick steps.Sign up now — Get SolidWP updates and valuable content straight to your inbox
Sign up
Placeholder text
Placeholder text
Get started with confidence — risk free, guaranteed