What is 403 Forbidden
403 forbidden error is an HTTP error status that appears when a website user tries to access a prohibited page or resource. This access restriction occurs because the server reads a protected resource on a web page, so 403 forbidden appears as a form of protection for the resource.
403 forbidden is generally a blank web page with a small message at the top. Some of the most common types of 403 forbidden messages are :
- Error 403
- HTTP 403
- Forbidden: [You don’t have permission to access = [directory] on this server]
- Access denied You don’t have permission to access
- HTTP Error 403 – Forbidden
- 403 Forbidden
- 403 forbidden request forbidden by administrative rules
Causes of 403 Forbidden
Talking about the cause of the appearance of 403 forbidden cannot be directly considered a mistake. Because 403 forbidden is actually a warning message sent by the server due to actions that are considered to violate resource security. So if the website owner deliberately sets access permissions to protect a resource, then 403 forbidden will definitely appear when the user tries to access a prohibited page.
However, it is a different story if you as a website owner feel that you have never set certain access permissions on your website, but then one of your customers complains because they cannot open the intended page. This can be caused by an error in the access permission settings that make a page that should be accessible to anyone considered to have restrictions, and the server automatically protects the page.
If you are currently experiencing the second cause, then you must immediately solve the problem so that your website can be accessed again. No need to panic, because you can do some quick ways to solve 403 forbidden below:
How to resolve 403 Forbidden
1. Checking the .htaccess file
The first step you can take to resolve 403 forbidden quickly is to check the .htaccess file. If you don't know how to check the file, you can follow these steps:
- Login cPanel and open File Manager
- In the public_html section, you will find the .htaccess file
- If you don't find the .htaccess file, you can click the Settings menu (located in the upper right corner) then check Show Hidden Files.
- If you still can't find the .htaccess file, it's likely that the file has been deleted, no need to worry because you can immediately create a new .htaccess file
- After finding the .htaccess file, you can first download the file by right-clicking - download
- If the download process is complete, delete the .htaccess file in cPanel
- Try accessing your website again
- If the website can run smoothly again, it can be concluded that the cause of 403 forbidden is a corrupt .htaccess file, so after the file is deleted the website can return to normal.
- Next, create a new .htaccess file by logging into your WordPress dashboard and opening the Settings - Permalinks menu.
- Then click the Save Changes button to create a new .htaccess file automatically.
If you have followed these steps but 403 forbidden still appears then you can try the second method.
2. Change Permissions on a File or Folder
If you find that your .htaccess file is not corrupt, the problem may be in the permissions settings. Files and folders have permissions to regulate who can access the data in them. When you create a new file or folder, permissions are automatically set by default. This is not wrong because the default setting will make your work easier without the need to set file permissions one by one.
However, in this case, the default settings may cause improper settings for certain files or folders. Therefore, you need to change the permissions of these files and folders. You can do this via an FTP client or File Manager. Filezilla is an FTP client that allows you to change file and folder permissions settings. To do so you can follow these steps:
- Use Filezilla to access the website
- Login cPanel
- Right-click on the public_html folder then select File Permissions
- Enter the code "755" in the Numeric Value field
- Pilih Apply to directories only, then OK
- Try reopening your website, if it is back to normal it is a sign that 403 forbidden is caused by an error in the permissions on the file or folder.
If this second method still doesn't work, you can try the next method.
3. Disabling Plugins
After checking your .htaccess file and resetting your file permissions, you may still not be able to get rid of 403 forbidden. Don't give up, you can still try the third method: disabling WordPress plugins. 403 forbidden might be caused by a plugin issue, so you'll need to disable the plugin to get your website back to normal. To do this, you can follow the steps below:
- Open a hosting account via Client FTP
- Open the public_html folder and then wp-content
- Disable plugins by renaming the plugins folder to disabled-plugins
- Reopen your website, if it's up and running normally it means the 403 forbidden is a problem with your WordPress plugins.
Adding the word disabled- to the plugins folder will disable all plugins on your website. This step aims to determine whether or not the 403 forbidden is actually caused by problematic plugins. Therefore, even though your website is back to normal, you can't leave all the plugins off. So, now you need to do the next step which is to find which plugins are problematic.
You can change the folder name back to plugins, so all plugins will be active again. Then rename more specific plugins one by one by adding the word disabled- in front of it. Every time you change one plugins, try running your website again to check whether the 403 forbidden has disappeared or not. Repeat this step until you find the problematic plugins.
Setelah plugins yang bermasalah berhasil ditemukan, Anda dapat menghapus plugins tersebut lalu menginstall ulang maupun mengupdate versi terbaru jika ada. Dengan begitu kini website Anda terbebas dari 403 forbidden tanpa mengganggu fungsi plugins yang digunakan.