Skip to main content

How to fix 403 errors in WordPress

A 403 error is a HTTP status code that indicates that the client (e.g. your web browser or a bot) is not authorized to access the requested resource on a server. This error occurs when the server understands the request, but refuses to fulfill it due to lack of permission or authorization from the client.

In other words, the server is telling you that you do not have permission to view the page or access the resource you are trying to reach, even though it exists. This can happen for a variety of reasons, such as the resource being restricted to specific users or IP addresses, or the server administrator may have put in place security measures to prevent unauthorized access.

It's important to note that a 403 error should not be confused with a 404 error, which means that the requested resource could not be found on the server.

The 403 error has a lot of different names that you could get:

  • Forbidden error
  • Access denied error
  • HTTP 403 error
  • 403 Forbidden response
  • 403 status code
  • Error 403: You don't have permission to access
  • 403 error page
  • 403 Forbidden message
  • 403 Forbidden nginx
  • 403 Forbidden error in Apache

But the good news is that it's usually caused by a few common problems that can be easily fixed.

We'll walk you through 12 of the most common causes of a 403 error on a WordPress site, and explain how you can fix each issue in a friendly and easy-to-follow way.

1. .htaccess File Problems

Let's start with the most common cause of 403 errors: Modifications in the .htaccess file.

The .htaccess file is used to control access to your WordPress site. If there is an issue with this file, it can cause a 403 error. Common issues with the .htaccess file include incorrect code, corruption, or deletion.

important

Even if you didn't modified .htaccess file, some third party plugins, themes or even your hoster may have changed this file, which can result in a 403 error.

To fix this issue, you can either restore a backup of the .htaccess file or create a new one. Here's how to create a new .htaccess file in WordPress:

  1. Connect to your website using an FTP client.
  2. Locate the .htaccess file in the root directory of your WordPress site.
  3. If you have a backup of the .htaccess file, download it and replace the current file.
  4. If you don't have a backup, create a new .htaccess file using a text editor like Notepad.
  5. Save the file as ".htaccess" and make sure the file type is set to "All Files."
  6. Upload the new .htaccess file to the root directory of your WordPress site.

If the issue persists, try to replace any current code in the .htaccess file by the following code:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

2. Incorrect File Permissions

One of the most common causes of a 403 error in WordPress is incorrect file permissions. If the permissions for your WordPress files and folders are not set correctly, it can prevent access to your site and result in a 403 error.

To fix this issue, you need to change the file permissions for your WordPress site. You can do this using an FTP client or cPanel. The recommended file permission for WordPress is 755 for folders and 644 for files.

Here's how to change file permissions using an FTP client:

  1. Connect to your website using an FTP client.
  2. Locate the folder or file that you want to change permissions for.
  3. Right-click on the folder or file and select "File Permissions" or "Properties."
  4. Enter 755 for folders and 644 for files in the "Permissions" field.
  5. Click "OK" or "Save."

And here's how to change file permissions using cPanel:

  1. Log in to your cPanel account.
  2. Go to the "File Manager" section.
  3. Locate the folder or file that you want to change permissions for.
  4. Right-click on the folder or file and select "Change Permissions."
  5. Enter 755 for folders and 644 for files in the "Permission" field.
  6. Click "Change Permissions."

3. Plugin Conflicts

Another common cause of a 403 error in WordPress is plugin conflicts. Some plugins can cause compatibility issues with your WordPress site, resulting in a 403 error.

To fix this issue, you need to deactivate all plugins on your WordPress site and then reactivate them one by one to identify the conflicting plugin. Here's how to do this:

  1. Log in to your WordPress dashboard.
  2. Go to the "Plugins" section.
  3. Deactivate all plugins by selecting "Deactivate" under each plugin.
  4. After deactivating all plugins, reactivate them one by one.
  5. After each activation, check if the 403 error persists.
  6. If the error persists after reactivating a plugin, deactivate that plugin and move on to the next one.
  7. Repeat this process until you have identified the conflicting plugin.

4. Theme Issues

Similar to plugin conflicts, issues with your WordPress theme can also result in a 403 error. If there is a problem with your theme,it can prevent access to your site and result in a 403 error.

To fix this issue, you need to switch to a default WordPress theme and see if the error persists. If the error goes away, it means that the issue is with your theme. You can then contact the theme developer for assistance or switch to a different theme.

Here's how to switch to a default WordPress theme:

  1. Log in to your WordPress dashboard.
  2. Go to the "Appearance" section.
  3. Select "Themes."
  4. Locate the "Twenty Twenty-One" theme and activate it.
  5. Check if the 403 error persists.

If the error goes away after switching to a default theme, it means that the issue is with your previous theme. You can contact the theme developer for assistance or switch to a different theme.

5. Incorrect URL

If you are trying to access a page or post using an incorrect URL, it can result in a 403 error. This can happen if you have typed the URL incorrectly, or if the post or page has been deleted or moved.

To fix this issue, make sure that you are using the correct URL for the page or post that you want to access. You can also check your WordPress site for broken links and fix any that you find.

6. Corrupted WordPress Core Files

If any of the core WordPress files have become corrupted, it can lead to a 403 error. This can happen due to a software update gone wrong, a hacker attack, or other issues.

To fix this issue, you need to replace the corrupted core files with a fresh copy from the WordPress repository. Here's how to do this:

  1. Connect to your website using an FTP client.
  2. Locate the wp-includes and wp-admin folders in the root directory of your WordPress site.
  3. Download a fresh copy of these folders from the WordPress repository.
  4. Delete the existing wp-includes and wp-admin folders on your website.
  5. Upload the new wp-includes and wp-admin folders to your website.

7. Misconfigured SSL/TLS Certificate

If you have an SSL/TLS certificate installed on your WordPress site, it must be properly configured. If it is not, it can result in a 403 error.

To fix this issue, you need to make sure that your SSL/TLS certificate is properly configured. You can do this by contacting your hosting provider or SSL/TLS certificate provider for assistance.

8. Inadequate Hosting Environment

If your hosting environment does not meet the minimum requirements for WordPress, it can lead to a 403 error. This can happen if your hosting provider does not have the necessary resources to support your WordPress site.

To fix this issue, you need to upgrade your hosting plan to one that meets the minimum requirements for WordPress. You can do this by contacting your hosting provider for assistance.

9. Bad Request

Sometimes, a user may submit a request that is not properly formatted, resulting in a 403 error. This can happen if the user tries to access your WordPress site using an outdated browser or an incorrect URL.

To fix this issue, make sure that the user is using a modern and up-to-date browser to access your WordPress site. You can also provide them with the correct URL for the page or post that they want to access.

10. Incorrect PHP Version

If you are using an outdated version of PHP, it can lead to compatibility issues with WordPress and result in a 403 error. WordPress requires at least PHP version 7.2 or higher to function properly.

To fix this issue, you need to make sure that your website is using the correct version of PHP. You can do this by checking the PHP version in use on your website and updating it to the latest version if necessary.

Here's how to check the PHP version in use on your WordPress site:

  1. Log in to your WordPress dashboard.
  2. Go to the "Tools" section.
  3. Select "Site Health."
  4. Check the "Environment" section to see the PHP version in use on your site.

If your PHP version is outdated, you can contact your hosting provider for assistance in updating it to the latest version.

11. Incorrect File Permissions

Incorrect file permissions can prevent WordPress from accessing certain files, resulting in a 403 error. This can happen if the file permissions for your WordPress site have been changed accidentally or deliberately.

To fix this issue, you need to make sure that the file permissions for your WordPress site are set correctly. The recommended file permissions for WordPress are 755 for directories and 644 for files.

Here's how to check and change file permissions for your WordPress site:

  1. Connect to your website using an FTP client.
  2. Locate the root directory of your WordPress site.
  3. Right-click on the directory and select "File permissions."
  4. Make sure that the directory permissions are set to 755.
  5. Repeat the process for each file on your WordPress site and make sure that the file permissions are set to 644.

12. Plugins Causing Conflicts

Sometimes, certain plugins can cause conflicts with WordPress and result in a 403 error. This can happen if a plugin is outdated, broken, or not compatible with your WordPress version.

To fix this issue, you need to deactivate all plugins and see if the error goes away. If the error goes away after deactivating all plugins, you can then reactivate each plugin one by one and check if the error persists after each activation.

Here's how to deactivate all plugins on your WordPress site:

  1. Log in to your WordPress dashboard.
  2. Go to the "Plugins" section.
  3. Select "Installed Plugins."
  4. Deactivate all plugins.
  5. Check if the 403 error persists.

If the error goes away after deactivating all plugins, you can then reactivate each plugin one by one and check if the error persists after each activation. This will help you to determine which plugin is causing the conflict.