How do I correct a 403 Forbidden error on cPanel?

Procédure

An HTTP 403 error is a web server error message indicating that access to the requested page or resource is strictly prohibited for security reasons or due to access restrictions defined by the website. This error occurs when the server understands the request sent by the client, but refuses to authorise it for various reasons.

What is a 403 error?

An HTTP 403 error, also known as a 403 Forbidden error, is an HTTP status code that indicates that a page or resource you are trying to access is currently inaccessible, but the connection has been established. Unlike the 401 error, which is used for authentication failures, a 403 error is returned when the user is correctly authenticated, but does not have the necessary rights to access the resource.

Common reasons why a 403 error may be triggered include:

• Access restrictions put in place by the site or resource owner, which may be based on IP addresses, geographical locations, or other criteria.
• Attempts to access a directory rather than a specific page, when the web server is configured to refuse indexing or directory browsing.
• Problems with permissions on files and directories on the web server, where the necessary files are not readable by the server.
• Use of an incorrectly configured .htaccess file that restricts access to certain parts of the website.

Understanding the causes and potential solutions to a 403 error is important for web developers, system administrators, and end users looking to solve these problems and improve access to important web resources.

How do I fix the 403 Forbidden error raised by LWS Protect?

What is LWS Protect?

The LWS Protect tool, available in the "Security" section of your cPanel control panel, allows you to secure your website in just a few easy clicks by customizing the security rules in place upstream of your hosting package's web server.

How do I know if a 403 error is generated by LWS Protect?

If a 403 error is generated by LWS Protect, you should see an error page corresponding to the image below:

How do I resolve a 403 error generated by LWS Protect?

Step 1: Log in to your cPanel interface.

Step 2: Click on the LWS Protect button in the Security category

Step 3: Click on the"Block History" button

Step 4: You will then get a page with the history of the latest blocks generated. You can then deactivate the rule that generated the 403 error if you no longer wish it to be active.

How do I repair the 403 Forbidden error raised by the Apache server?

How do I know if a 403 error is generated by Apache?

If a 403 error is generated by Apache, you should see an error page corresponding to the image below:

How do I resolve a 403 error generated by Apache?

Empty your browser cache

The first thing to do is clear your browser's cache.

The cache is a useful tool that allows websites to load faster. However, it can sometimes happen that the cached version of a page does not correspond to its real version and that the 403 error is in fact cached in your browser.

File restoration problem

If you have recently restored files from a backup and have since been experiencing 403 errors, then it is possible that the file restoration has partially failed.

The solution, in this case, is to restart a new restore and to check after its completion that the 403 error has disappeared for good.

Check your file permissions

Each folder and file on your server has its own specific permissions, which determine what actions are allowed:

• Read: allows you to view the data in the file or display the contents of a folder.
• Write: allows you to modify the file or add/delete files in a folder.
• Execute: allows you to run the file as a script or access a folder and execute functions and commands.

These permissions are represented by a three-digit number, each digit indicating the level of permission for the three categories mentioned above.

Normally, these authorisations are only relevant to your site. However, problems with file permissions can result in a 403 Forbidden error.

To check and modify your site's file permissions, you can use your hosting's file manager.

Once in the file manager, you can view the permissions of a file or folder(2) and modify them(1).

According to the WordPress Codex, the ideal file permissions for WordPress are :

• Files: 644 or 640
• Folders: 755 or 750

An exception is made for your wp-config.php file, which should have permissions of 440 or 400.

If problems with file permissions caused the 403 Forbidden error, your site should now work correctly.

Delete and restore the .htaccess file

A common cause of the 403 Forbidden error is a problem in your site's .htaccess file.

The .htaccess file is a configuration file used by the Apache web server. It can be used to configure redirects, restrict access to certain parts of your site, etc.

Because of its power, even a small error can cause a big problem, like the 403 Forbidden error.

Instead of trying to troubleshoot the .htaccess file itself, a simpler solution is to force WordPress to generate a new, clean .htaccess file.

Here's how to do it:

1. Connect to your hosting'sfile manager
2. Find the .htaccess file in your root folder(1).
3. Download(2) a copy of the file to your computer (it's always a good idea to have a backup copy just in case).
4. Delete(3) the .htaccess file from your server after making a safe backup copy on your local computer.

Now you should be able to access your WordPress site if your .htaccess file was the problem.

To force WordPress to generate a new, clean .htaccess file:

1. Go to Settings(1) → Permalinks(2) in your WordPress dashboard.
2. Click Save(3) the changes at the bottom of the page (you don't need to make any changes - just click the button).

That's it - WordPress will now generate a new .htaccess file for you.

Deactivate then reactivate your extensions

If neither your site's file permissions nor the .htaccess file seem to be a problem, the next place to check is your WordPress extensions. There may be a bug in one extension or a compatibility issue between different extensions.

To find the extension responsible, we invite you to follow this documentation.

Temporarily disable the CDN

If you are getting 403 forbidden errors on your resources (images, JavaScript, CSS), this could be a problem with your content delivery network (CDN).

If you are using the services of a CDN such as Cloudflare, we recommend that you temporarily reconfigure the LWS default DNS to check whether the problem is with the CDN.

Check whether Hotlink protection is incorrectly configured

Hotlinking occurs when someone includes an image on their site, but the link from that image is always directed to someone else's site. To avoid this, some people set up what is known as "hotlinking protection" with their web host or CDN provider.

When hotlinking protection is activated, it generally generates a 403 Forbidden error. This is perfectly normal. However, if you get a 403 Forbidden error on something that shouldn't be blocked, make sure that the hotlinking protection is correctly configured.

Disconnect from your VPN

Here's another simple tip that could solve this problem if you're using a VPN.

Some sites may be blocking access to users using a VPN, which could explain why you're getting the 403 Forbidden error.

To check whether this is the case, disconnect from the VPN and try accessing the site in another way. You can also try switching to another server offered by your VPN service.

Contact customer support

If none of the above solutions has worked for you, we recommend that you contact our technical support team for a personalised analysis of your problem.

Conclusion

You now know how to :

• Identify a 403 error and its possible causes.
• Use LWS Protect to resolve a 403 error generated by this tool.
• Repair the 403 error caused by the Apache server, including clearing your browser cache, checking file permissions and restoring the .htaccess file.
• Deactivate and reactivate your WordPress extensions to eliminate compatibility issues.
• Reconfigure DNS or temporarily deactivate the CDN in the event of problems with these services.
• Ensure that your hotlinking protection is properly configured to avoid unnecessary 403 errors.
• Disconnect your VPN to test whether this resolves the 403 error.
• Contact customer support if difficulties persist.

Resolving the 403 error can be complex, but with these tips and a little patience, you should be able to regain full access to your website. 😌🔧

Thank you for taking the time to read this article. If you have any questions or would like to share your experience with the community, please feel free to leave a comment below. Your feedback is valuable and could help other users facing the same situation! 🙌💬