Seeing an HTTP 403 forbidden response code is triggered by visiting a directory or file with restricted access. To restrict access to a directory or file, you can consider the following scenarios:
- .htaccess rules to deny access for your IP.
- .htaccess rules to deny global access towards all IPs.
- Incorrect File/Folder permissions or ownerships.
- Missing index file for your application.
You can see all of the 403 forbidden errors within cPanel inside the "Errors" feature, located under the "Metrics" section. Here is an excerpt from the error log if you have denied access towards a specific IP address:
[Mon Jun 29 08:25:42.073551 2020] [access_compat:error] [pid 4179628:tid 23407075337984] [client 1.2.3.4:0] AH01797: client denied by server configuration: /home/nossl/public_html/403.shtml
[Mon Jun 29 08:25:42.068426 2020] [access_compat:error] [pid 4179628:tid 23407075337984] [client 1.2.3.4:0] AH01797: client denied by server configuration: /home/nossl/public_html/
When you face the above error, we recommend going over the .htaccess file for your website and removing any deny rules that may be present. Another reason for the 403 forbidden error is if your website is missing an index file.
[Mon Jun 29 08:28:03.720775 2020] [autoindex:error] [pid 4179628:tid 23407048021760] [client 1.2.3.4:0] AH01276: Cannot serve directory /home/nossl/public_html/: No matching DirectoryIndex (index.php,index.php7,index.php5,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.jp,index.phtml,index.shtml,index.xhtml,index.html,index.htm,index.js) found, and server-generated directory index forbidden by Options directive
If you come across this error for your website, please check if an index file is present and has correct permissions. If it is missing, then please deploy it to get your application working again. Lastly, here is an example when the HTTP 403 forbidden error occurs due to wrong permissions or ownerships:
[Mon Jun 29 08:30:12.032230 2020] [core:crit] [pid 4179628:tid 23407056426752] (13)Permission denied: [client 1.2.3.4:0] AH00529: /home/nossl/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/nossl/public_html/' is executable
[Mon Jun 29 08:37:38.122696 2020] [core:crit] [pid 4185777:tid 23407050123008] (13)Permission denied: [client 1.2.3.4:0] AH00529: /home/nossl/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/nossl/public_html/' is executable, referer: http://nossl.euuk1.armadaservers.com/
To solve this, you need to check and make sure that the permissions for your Files/Folders are as follows:
- Files: 644
- Folders: 755
We have an excellent knowledge base article explaining how to fix permissions with a single command. If correcting your file's permissions does not resolve your issue, the reason may be incorrect file/folder ownership.
Unfortunately, you will not be able to solve this on your end, and you need to reach our technical support team unless you are well-acquainted with Linux and the command-line interface. We have an excellent category in our knowledge base with a wide variety of Linux-related articles that you should check out!
If you are still facing the HTTP forbidden 403 error after following our recommendations on fixing them, please feel free to contact our technicians over the ticketing system in your Client Area. They are 24/7 available at your disposal and will be happy to assist you.
