Last Updated on April 24, 2022 by WP Knowledge Hub
When you can’t access your own site, it can be very frustrating, especially if you have no idea what is causing the problem. 403 Forbidden errors usually occur when you try to log in to WordPress or visit a specific page on your website.
What causes 403 Forbidden Errors
HTTP status codes such as ‘403 Forbidden’ are used by servers to communicate with your browser. The 403 status code appears on your screen if your server feels you do not have the necessary permissions for accessing a particular page.
You may encounter the 403 Forbidden error when attempting to log into your WordPress admin area or when visiting a specific page on your site and it is usually accompanied by one of the following message or something very similar: “403 Forbidden – Access to this resource on the server is denied.”
“It appears you don’t have permission to access this page.”
“You are not authorized to view this page.”
The most likely reasons you are seeing this error message are:
- Wrong file permissions on the server
- Defective or corrupt plugin
- Corrupt .htaccess file
These are typically issues you can troubleshoot by yourself. If you want to proceed, try the following solutions.
How to Fix the 403 Forbidden Error in WordPress
Option 1. Change Your File Permissions
It’s important to know that each WordPress file and folder has special “permissions” that allow specific roles to read or write to those files. You can edit these permissions with an FTP client such as FileZilla, or by contacting your hosting provider’s technical support team.
In your server’s root directory, select the folder that contains the WordPress files. If you’re using FileZilla, this is typically the public_html folder. Then, right-click on it and choose File Attributes.
In the new window, locate the Numeric field and enter “755” or “750” in the value box. Then select the Recurse into subdirectories and Apply to directories only options, and click on OK.
This will give the correct file permissions to your directories. Now you can do the same thing for your files.
To start, right-click on your public_html folder and select File Attributes. This time, you’ll need to type “644” in the Numeric value field. Then choose Recurse into subdirectories, select Apply to files only, and click on OK.
Note that your wp-config file requires a different numeric value than the ones stated above. This unique value prevents other users on your servers from accessing the file. We recommend leaving this one untouched, but if you want to change it, you’ll need to manually change its file permission.
Find the wp-config.php file, right-click on it, and select File permissions. Next, set the numeric value to “440”, and click on OK.
Refresh your website and check again. If you still see the error message, the issue probably lies with the plugins.
Option 2. Deactivate Your Plugins
As mentioned earlier, the 403 Forbidden error can also be caused by a bad plugin. In order to know if this is actually the case here, you’ll need to deactivate the entire plugin folder temporarily to check if your website returns to its previous glory.
To start, access the server via FileZilla or the file manager in your hosting panel. Then, in your site’s root directory, open the wp-content folder and locate the plugins folder. Then rename the plugins folder to something like plugins.bak or _plugins.
If you can access your site after renaming the folder, then the 403 Forbidden error was caused by a bad plugin. Your next step is to find out which one it is.
In order to find out which one it is, you’ll need to manually deactivate them one by one and test over and over until you find the culprit. This may take a while but it’s the only way to know for sure!
Still having problems? Carry on.
Option 3. Delete and Restore the .htaccess File
A corrupt .htaccess file can also trigger the 403 Forbidden error.
Inside your site’s root directory, locate the .htaccess file, right-click on it, and choose Delete. Don’t worry, deleting it won’t take down the site, but it might cause temporary issues with the sub-pages (your home page will still work but, odds are, the other pages won’t).
Once you’ve deleted the file, log back into WordPress and head to Settings > Permalinks, and re-save the permalinks (keep everything the way it is). Re-saving the permalinks just resets the .htaccess and creates a new one if the old one was deleted.
This should restore your site to the way it was, and fix any remaining issues!