How to Fix the 403 Forbidden Error in WordPress

Are you dealing with the 403 Forbidden error on your WordPress site?

403 Forbidden error is one of the most annoying errors that a WordPress website owner can encounter. It may stop you from accessing your WordPress admin area and/or specific pages on your website.

In this article, we will show you how to easily fix the 403 Forbidden error in WordPress.

What Is the 403 Forbidden Error in WordPress?

The 403 Forbidden error code is shown when your server permissions don’t allow access to a specific page on your WordPress website.

This error is usually accompanied by the text:

403 Forbidden – You don’t have permission to access ‘/’ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Here’s an example of what it looks like:

There are different scenarios when you might see this error. For example:

• 403 Forbidden – Access denied on the wp-admin or WordPress login page.
• 403 Forbidden – During WordPress install.
• 403 Forbidden Error – When visiting any page on your WordPress site.

You may also see ‘Access Denied’ instead of the full 403 Forbidden status. Alternatively, the message might say, ‘Access to yourdomain.com was denied. You don’t have authorization to view this page.’

For more explanation about WordPress error codes, you can see our list of the most common WordPress errors and how to fix them.

Now that you know about the different types of 403 errors, let’s talk about their causes.

What Causes the 403 Forbidden Error in WordPress?

The 403 Forbidden error code appears when your server doesn’t permit access to a specific page. There are several causes that can make this happen.

One common cause for the 403 Forbidden error in WordPress is poorly configured security plugins. Many WordPress security plugins can block an IP address (or a whole range of IP addresses) if they believe them to be malicious.

Another possible cause could be a corrupt .htaccess file or incorrect file permissions on your server.

Your WordPress hosting company can sometimes make accidental changes to their server settings. This may result in a 403 Forbidden error on your site.

Having said that, let’s take a look at how to fix the 403 forbidden error in WordPress.

You can use these quick links if you want to skip to a specific method:

Video Tutorial

Subscribe to WPBeginner

If you prefer written instructions, then just continue reading.

Method 1: Deactivate Your Plugins Temporarily

The first thing you need to do is see if one of your WordPress plugins is causing the 403 forbidden error. To do this, you need to temporarily deactivate all WordPress plugins. This includes any security plugins that you may have installed on your site.

If this resolves your problem, then this means one of the plugins on your website was causing this error.

You can figure out which plugin was causing the error by activating all your plugins one at a time until you reproduce the 403 Forbidden error. Then, you will need to delete the problem plugin and look for an alternative or contact the developers for support.

If this method doesn’t work, then just continue reading.

Method 2: Regenerate Your .htaccess File

Often, the 403 forbidden error is caused by a corrupt .htaccess file in your WordPress site. The good news is that fixing this file is quite easy.

First, you need to connect to your website using an FTP client like FileZilla or the File Manager app in cPanel.

Next, find the .htaccess file in the root folder of your WordPress site. See this guide if you can’t find the .htaccess file in Your WordPress folder.

You will need to download the .htaccess file to your computer so that you have a fresh backup of it. After that, simply delete the file from your server. Don’t worry, your WordPress will still be able to work.

Now, try accessing your website. If the 403 forbidden error is resolved, then this means that your .htaccess file was corrupt.

You can generate a fresh .htaccess file by logging in to your WordPress admin area and going to the Settings » Permalinks page.

Simply click on the ‘Save Changes’ button at the bottom of the page, and WordPress will generate a new .htaccess file.

Method 3: Correct Your File Permissions

If the other solutions have not fixed the 403 forbidden error on your site, then incorrect file permissions are the most likely cause.

All files stored on your website have file permissions. These file permissions control who can access the files and folders on your WordPress website.

Incorrect file permissions can cause the 403 forbidden error. They make your web server think that you do not have permission to access those files.

You can ask your WordPress hosting provider to check your website for correct file permissions. Some hosts are very supportive, so they won’t mind and will probably fix that for you.

Changing file permissions yourself can have serious consequences. If you do not feel confident doing it yourself, it’s best to ask a fellow WordPress website owner for help or hire a professional.

However, if you want to do it yourself, then here is how to check your file permissions.

Simply connect to your WordPress site using an FTP client. Navigate to the root folder containing all your WordPress files.

Click to select a folder, right-click it, and then select ‘File permissions’ from the menu.

Your FTP client will show you a file permissions dialog box like this:

All folders on your WordPress site should have a file permission of 744 or 755.

Meanwhile, all files on your WordPress site should have a file permission of 644 or 640.

You can set the file permission for the root folder to 744 or 755. You also need to check the box next to ‘Recurse into subdirectories’ and then check the option that says ‘apply to directories only’.

Simply click on the ‘OK’ button. Your FTP client will now start setting permissions for all subdirectories in that folder.

Once it is done, you need to repeat the process for all the files. This time, you will use file permission of 644 or 640, and don’t forget to select the ‘Recurse into subdirectories’ and ‘Apply to files only’ options.

Click on the ‘OK’ button, and your FTP client will start setting file permissions for all the selected files.

Try accessing your website now and see if the 403 forbidden error has gone.

Method 4: Clear Your Cache and Cookies

Sometimes a simple fix can be the most effective. Clearing your browser cache and cookies, as well as your WordPress cache if you’re using a caching plugin, can resolve the 403 forbidden error.

Just like how your computer stores temporary files to speed up loading times, your browser also caches website data. If this data becomes corrupted, it might cause compatibility issues and lead to the 403 error.

Similarly, a corrupted cache generated by a plugin can also lead to the server misinterpreting requests.

Some caching plugins also offer advanced settings that allow you to restrict access to specific pages or user roles. If these settings are accidentally misconfigured, they could unintentionally block access to certain parts of your website.

To clear your browser cache, you can follow the instructions in our article on how to clear cache in major browsers.

If you’re using a WordPress caching plugin, you can read our guide on how to clear WordPress cache and consult the plugin’s documentation.

Method 5: Temporarily Disable CDN (Content Delivery Network)

If you’re using a Content Delivery Network (CDN) to improve website performance, it’s possible that it might be interfering and causing the 403 forbidden error.

A CDN acts as a middleman between your website’s server and visitors, serving cached content from geographically distributed locations for faster loading times.

To see if your CDN is the culprit, you can disable your CDN temporarily. Then, test your website to see if the error disappears.

If disabling the CDN resolves the error, you’ll need to contact your CDN provider’s support team for further troubleshooting.

Method 6: Check for Malware

Malicious software can cause a variety of issues including the 403 forbidden error. It can interfere with file permissions, inject malicious code, or disrupt communication between your website and server.

To see if there’s malware on your website, we recommend scanning your website using a security plugin or a service offered by your WordPress hosting provider.

Many reputable security plugins offer malware-scanning features, and you can usually remove these malicious files in one click.

Learn More Ways to Solve Common WordPress Errors

Having other problems with WordPress? Perhaps one of these guides can help you solve the issue:

• How to Find and Access WordPress Error Logs (Step by Step)
• How to Fix WordPress Posts Returning 404 Error (Step by Step)
• How to Fix ERR_NAME_NOT_RESOLVED in WordPress (Step by Step)
• How to Fix ’ERR_SSL_VERSION_OR _CIPHER_MISMATCH’ in WordPress
• How to Fix the 500 Internal Server Error in WordPress
• How to Fix the 502 Bad Gateway Error in WordPress
• How to Fix the 401 Error in WordPress (7 Solutions)
• How to Fix the 413 Request Entity Too Large Error in WordPress
• How to Fix the 504 Gateway Timeout Error in WordPress
• What is 414 Request URI Too Long Error and How to Fix It

We hope this article helped you fix the 403 forbidden error in WordPress. You may also want to see our list of the most common block editor problems and must-have WordPress plugins to grow your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.