How to Fix the 403 Forbidden Error in WordPress (5 Methods)

How to Fix the 403 Forbidden Error in WordPress (5 Methods) thumbnail

Being barred from your own site can be very frustrating, especially when you have no idea what is causing the problem. The 403 Forbidden error typically occurs when you’re trying to log in to WordPress or visit a specific page on your site.

Fortunately, there are a few simple fixes for this common WordPress error. Depending on your hosting plan, you may even be able to resolve the issue with help from your web host.

In this post, we’ll take a closer look at the 403 Forbidden error and its main causes. We’ll then show you five ways to fix it. Let’s get started!

Get Content Delivered Straight to Your Inbox

Subscribe to our blog and receive great content just like this delivered straight to your inbox.

What the 403 Forbidden Error Is (And What Causes It)

The 403 Forbidden error is one of several HTTP status codes used by servers to communicate with your browser. When the 403 status code shows up on your screen, it means that your server thinks you do not have the required permission to access that particular page.

The 403 Forbidden error typically appears when you’re trying to log in to your WordPress admin area or when you visit a specific page on your site. You may also encounter it while installing WordPress.

The error is usually accompanied by one of the following messages (or similar variations):

  • “403 Forbidden – Access to this resource on the server is denied.”
  • “Forbidden – You don’t have permission to access [directory name] on this server.”
  • “You are not authorized to view this page.”
  • “It appears you don’t have permission to access this page.”
  • “403. That’s an error. Your client does not have permission to get URL [address] from this server.”

Instead of the “403 Forbidden” status, you might come across a simple notification that says “Access Denied.” It is also possible that you will get the following message: “Access to [domain name] was denied. You don’t have authorization to view this page.”

There are several possible causes of this 403 Forbidden error. The most likely one is an incorrect file permission on your server. However, this error can also be triggered by a faulty plugin or a corrupt .htaccess file:

DreamHost Glossary

What is .htaccess?

“.htaccess” is a configuration file used by the Apache web server software. The .htaccess file contains directives (instructions) that tell Apache how to behave for a particular website or directory.

Learn More

In most cases, you should be able to resolve the issue on your own. However, you might also need to get in touch with your hosting provider to access or change some settings on your site.

Skip the Permission Settings Stress

Avoid WordPress troubleshooting when you sign up for DreamPress. Our friendly experts are available 24/7 to help solve website problems — big or small.

How to Fix the 403 Forbidden Error in WordPress (5 Methods)

Now, let’s go through a few ways you can fix the 403 Forbidden error in WordPress. First, we recommend that you make a backup of your site just in case something goes wrong and you need to restore it to an earlier version.

1. Change Your File Permissions

Every WordPress file on your site’s server has its own permissions. These settings control who can access and modify its contents. If these files have incorrect permissions, your server will stop you from accessing them.

If you want to check your file permissions, you can simply contact your hosting provider, and a technical expert should be able to take care of it. You can also do this yourself by connecting to your site with a Secure File Transfer Protocol (SFTP) client such as FileZilla.

Alternatively, you can also access your site through the file manager in your hosting account. If you have a DreamHost account, you can navigate to WordPress > Managed WordPress in the sidebar. Then, find your domain and select Manage.

Accessing your domain in your DreamHost account.

On the next page, click on the Manage Files button in the Details section.

Accessing your file manager via your DreamHost account.

You’re now in the file manager. Next, open the folder labeled with your domain name to access your site’s directory.

Inside your root directory, select the folder that contains all of your WordPress files. If you’re using FileZilla, this is the public_html folder. Then, right-click on it and choose File Attributes.

Changing the file permissions using FileZilla

In the popup window, locate the Numeric field and enter “755” or “750” in the value box. Then select the Recurse into subdirectories and Apply to directories only options, and click on OK.

Changing the file permissions for the directories.

So far, you’ve applied the correct file permissions for your directories. You’ll now do the same thing for your files.

To start, right-click on your public_html folder and select File Attributes. This time, you’ll need to type “644” in the Numeric value field. Then choose Recurse into subdirectories, select Apply to files only, and click on OK.

Changing the file permissions in FileZilla.

Note that your wp-config.php file requires a different numeric value than the ones stated above. This unique value prevents other users on your servers from accessing the file. Therefore, you’ll need to manually change its file permission.

In your root directory, find the wp-config.php file, right-click on it, and select File permissions. Next, set the numeric value to “440”, and click on OK.

Changing the permissions for the wp-config.php file in FileZilla.

Now, every one of your WordPress files and folders should have the correct permissions. Once you’ve completed the above steps, go back to your site and try to reproduce the 403 Forbidden error. If your site is working fine, you don’t need to do anything else.

However, don’t worry if you’re still facing the same problem. There are still a few more fixes to try, and some of them are very simple.

2. Deactivate Your Plugins

As we mentioned earlier, the 403 Forbidden error can also be caused by a faulty plugin. To find out if this is the case, you’ll need to deactivate your plugins and then reactivate them one by one.

To start, connect to your site via FileZilla or the file manager in your hosting account. Then, in your site’s root directory, open the wp-content folder and locate the plugins folder. Then right-click on the plugins folder and select Rename.

How to rename the plugins folder in your site’s root directory.

Next, give the folder a new name, for example, “plugins_test. This will automatically deactivate all of your plugins.

If you can access your site after renaming the folder, then the 403 Forbidden error was caused by a glitchy plugin. Your next step is to find out which one it is.

First, return to your site’s root directory and rename the plugins folder back to “plugins”. Then navigate to the Plugins page in your WordPress dashboard and activate the plugins one at a time. Keep doing this until you are able to reproduce the error. Once you’ve identified the faulty plugin, you can either remove it or contact its developer for support.

3. Delete and Restore the .htaccess File

A corrupt .htaccess file can also trigger the 403 Forbidden error. This file is located in your site’s root directory and enables WordPress to interact with your server.

Inside your site’s root directory, locate the .htaccess file, right-click on it, and choose Delete.

Locating and deleting the .htaccess file in your site’s root directory.

Now, try accessing your site again. If the 403 Forbidden error has disappeared, then your .htaccess file may have been corrupted. This means you’ll need to create a new one.

To do this, navigate to Settings in your WordPress dashboard and select Permalinks. Then click on the Save Changes button at the bottom of the page, and a new .htaccess file will be generated. You can look for the file in your site’s directory to ensure that it has been restored.

4. Deactivate Your CDN

If you’re still getting the 403 Forbidden error after completing the above steps, you may have a problem with your Content Delivery Network (CDN). This is a network of servers located in different parts of the world, with each server hosting a copy of your website. Many hosting plans come with a CDN to help boost your site’s performance.

To see if your CDN is the cause of the error, you’ll need to temporarily disable it. You can do this by logging into your hosting account and locating your CDN settings. If you’re unable to access your CDN, we recommend getting in touch with your hosting provider.

5. Check Your Hotlink Protection

Finally, you might want to check your site’s hotlink protection. Hotlinking is when someone embeds media files on their site by linking them directly from another site. Some individuals may do this to use another site owner’s bandwidth (rather than their own), which is effectively theft.

Some hosts and CDN providers offer hotlink protection. However, if this is not set up properly, it can trigger a 403 Forbidden error on your site. Therefore, you may want to contact your web host about this issue. While you may want to look into this yourself, it’s best to get help from a technical expert to ensure that your hotlink protection is configured correctly.

Additional WordPress Resources

If you’re new to WordPress, you’re bound to run into some technical issues while setting up your site. To help you fix some of the most common WordPress errors, we’ve put together several how-to guides:

Meanwhile, if you’re looking for more WordPress tips and hacks, check out our WordPress Tutorials. This collection of guides will help you set up and design your first WordPress site like a professional.

Bye, WordPress 403 Error

The 403 Forbidden error appears when your server denies you permission to access a page on your site. This is mainly caused by a faulty security plugin, a corrupt .htaccess file, or incorrect file permissions on your server.

In this post, we looked at five main ways you can fix the 403 Forbidden error using an SFTP client like FileZilla or the file manager in your hosting account:

  1. Change your file permissions.
  2. Deactivate your plugins.
  3. Delete and restore the .htaccess file.
  4. Deactivate your CDN.
  5. Check your hotlink protection.

If you want to receive expert help when encountering WordPress errors, you may want to consider a managed WordPress hosting plan. Our DreamPress plans come with 24/7 technical support for WordPress site owners, so you can spend less time troubleshooting and focus your efforts on growing your business.

Photo of Jason Cosper
About the Author:

Jason is DreamHost’s WordPress Product Advocate, based out of Bakersfield, CA. He is currently working on making our DreamPress product even better. In his free time, he likes to curl up on the couch and watch scary movies with his wife Sarah and three very small dogs. Follow him on Twitter.