Loaded your website and saw a 403 Forbidden or HTTP 403 error instead of your usual homepage? Although equally debilitating for you like the white screen of death in WordPress, there’s a chance you’re the only one seeing it. If so, your visitors can stay oblivious of the issue while you’re working on a solution. So, what causes the 403 Forbidden WordPress error? To put it simply, the server has received and understood your request, but couldn’t authorize your access permissions. That’s why in some cases the error reads 403 Forbidden: Access Denied. With that out of the way, here’s how to fix 403 Forbidden error in WordPress.
Recommended: Make a backup
Although it can be classified as a step, it is not necessary, just strongly recommended. Always create a backup of your WordPress website before you make severe changes. Install a backup plugin for WordPress if you have none.
1. Check your hosting access permissions
Seeing any version of the 403 error message could indicate this is the problem. However, a dead giveaway is the 403 Forbidden Request: Forbidden by administrative rules message. If so, there might be nothing wrong with your website. You must have flagged your hosting’s bot or hacking countermeasures and your access was blocked. This happens if you enter your website from multiple tabs or sign in repeatedly to the WordPress login page or the WordPress Admin Section.
If you’re using a security plugin for WordPress, your IP can be blocked using .htaccess as well. The best way to check is to get anyone outside of your network to load the website. Friends aren’t available? Use a VPN or a website such as Is It Down Right Now? If they can access it, follow method 3 below. If that doesn’t work, contact your hosting Customer Support, which is usually available 24/7.
2. Check your file and folder permissions
A number that is too low, which directly correlates with permission of your files and folders can prevent the website from loading. For that reason, fixing the 403 Forbidden WordPress error can be as easy as setting up file and folder permissions in WordPress. If you need more details, you can also refer to method 1 in fixing the “Upload: Failed to write file to disk” WordPress error.
3. Inspect or regenerate your .htaccess file
We mention inspecting because there’s a possibility that Here’s how to access the .htaccess file in WordPress:
- Access your WordPress website via FTP.
- Open your root folder, also named public_html or www sometimes.
- Right-click on the file named .htaccess and select View/Edit from the menu.
- We mentioned inspecting because the most recent change could be the cause. Scroll down to the bottom and try to revert it.
- If you can’t remember, feel inadequate, or don’t want to bother with it, simply delete the .htaccess by right-clicking on it, then selecting Delete.
- Load your website and check whether you solved the 403 Forbidden error in WordPress.
- If you didn’t, restore the old file from a WordPress backup.
- If you did, follow the instructions below.
How to generate a .htaccess file
There are two easy ways to do create a new .htaccess file:
1. Create a new .htaccess file
Right-click anywhere in the root folder and create a new document. Name it .htaccess, paste the contents of a default WordPress .htaccess file, and save changes.
2. Generating .htaccess file through Admin Dashboard
Sign in to the WordPress Admin Dashboard then click on Settings > Permalinks in the menu on the left. Select any option under Common Settings other than the active one, and click Save Changes. Negate the change by selecting the original option and click Save Changes again.
4. Disable your WordPress plugins
If none of the above helped, try deactivating all WordPress plugins temporarily. We described the process in depth under the headline Fixing the problem if the plugin caused it in our “Are you sure you want to do this” WordPress error guide. If it doesn’t help, we suggest contacting your hosting’s 24/7 Customer Support you’re entitled to.
If it does, slowly enable WordPress plugins one by one until you trigger the error again. After that, the solution to the 403 Forbidden error is deleting or replacing the faulty WordPress plugin. If it’s really important to your workflow, consider reaching out to the plugin developers as well.
5. Verify your hotlink protection configuration
We saved this one for last because it’s not as common. Hotlinking is not only looked down upon but even illegal in some cases. It happens when another website uses a direct link to a resource, most often an image, hosted on your website. That way, they get to reap the benefits of your work while hogging your resources. An unexpected influx in traffic can both crash your website and display a host of errors, plus cost you money if it exceeds your monthly plan. Once again, the best course of action is getting in touch with your hosting’s Customer Service.