Imagine this – you’ve recently created a new website to host your content, and you’re excited to see it go live. You can’t wait to dive into SEO and begin ranking for keywords and attracting an audience to your brand.
But then a friend emails you and says, “Hey, is there a reason I see this when I click on your website? “
Undoubtedly, a “403 Forbidden” message is cause for immediate concern. How many potential viewers are you losing, as they come across your website to find this message?
Fortunately, there are a few quick-and-easy solutions to a 403 error. Here, we’ll explain the top three, so you can get your site up and running.
What is an HTTP error 403?
A 403 Forbidden error is an HTTP status code sent to users by an HTTP server when a user tries to access a restricted URL. It means the page you were trying to reach is forbidden for one of two reasons: Either there is a removal or restriction of access permissions from the client-side, or there’s an accidental misconfiguration of the web server.
What you’ll typically see when you land on a page with a 403 forbidden error is something like this: “You don’t have authorization to view this page – HTTP Error 403.”
It can also have slightly different wording, like the example below.
Wondering about the difference between a 403 and 404 error? Here it is: A 404 error happens when you access a page that no longer exists or cannot be found. A 403 error, on the other hand, indicates that your access has been denied due to incorrect credentials.
An easy way to remember it: 403 says “access denied” while 404 says “We can’t find what you asked for.”
What causes a 403 error?
There are a few reasons why you may see a 403 forbidden error. Here are the most common:
- Permission or ownership error – Permissions are represented by codes, which indicate what each type of user can do. If you have the incorrect code associated with a file or directory then your users may run into a 403 error.
- Wrong file or folder location – When uploading content to your site, you may have added it to the wrong directory, which is not accessible to your end-users.
- No index page – If your homepage doesn’t have an index page, it will not display correctly on a browser.
- Misconfigured WordPress plugin – A plugin may be blocking IP addresses to avoid malware, causing the 403 forbidden error.
Now that you know the causes, let’s address how to fix them.
How to Fix 403 Errors
1. Set the correct file permissions.
If you’ve configured your web server, you’ll want to add the server to the www-data group, and set ownership of /var/www to the www-data user and www-data group.
Then, make sure your directories are set to 755, your files are set to 644, and your dynamic content is set to 700. This determines which user types (owner, group, everyone) can read, write, and execute.
2. Make sure you have an index page.
Your website’s home page must be called index.html or index.php – if it’s not, you should rename the homepage to include one of those URL names.
Alternatively, you can upload an index page to your httpdocs directory and then set up a redirect on the index page to your real homepage.
3. Upload your website content to the correct directory on your server.
You might see a 403 forbidden message if you haven’t correctly uploaded your content to the directory on your server.
There are several different FTP clients you might’ve chosen to host your domain — let’s say you chose FileZilla, which is free and available for Windows, Mac, and Linux.
To publish your content online, you’ll need to put your files into the public/htdocs directory.
Note: If you’re using FileZilla, these instructions will vary if you use a different FTP client. Once you’ve dragged and dropped your files into the directory, you should search your website’s URL to double-check they now appear online.
If you’re in your FTP server and don’t see the httpdocs directory, you can create a file within the directory with this title, which could also solve the issue.
4. Deactivate and reactivate your plugins.
If you suspect one of your plugins is responsible for the 403 forbidden error, temporarily deactivate all of your plugins.
You may have noticed the error shortly after installing a plugin. If so, start with that one and work your way down from the most recent installation to the oldest.
Then, one by one, activate each plugin and refresh the page to determine which plugin is causing the error.
As you can see, 403 errors can typically be resolved in just a few easy steps. It’s just about knowing where to look.