WPBeginner - WordPress Tutorials for Beginners

Trusted WordPress tutorials, when you need them most.
Beginner’s Guide to WordPress
WPB Cup
25 Million+
Websites using our plugins
16+
Years of WordPress experience
3000+
WordPress tutorials
by experts

How to Fix the 403 Forbidden Error in WordPress

By Nouman Yaqoob | | Reader Disclosure

Shares 891 ChatGPT Perplexity X LinkedIn WhatsApp

Nothing sends a jolt of panic quite like seeing a “403 Forbidden” error message where your website should be. It’s a frustrating digital roadblock that locks you out of your admin area and hides your content from visitors.

At WPBeginner, we’ve faced this exact error on our own sites and have guided thousands of users through the fix. We know how stressful it can be, but rest assured, the solution is often straightforward.

This guide walks you through the most common causes and provides clear instructions to get your site back online quickly.

Fixing 403 Forbidden error in WordPress

Quick Summary: The 403 Forbidden error in WordPress is most often caused by a poorly configured plugin, a corrupt .htaccess file, or incorrect server file permissions. This guide provides simple, step-by-step solutions to identify and fix the problem.

What Is the 403 Forbidden Error in WordPress?

The 403 Forbidden error code is shown when your server permissions don’t allow access to a specific page on your WordPress website.

This error is usually accompanied by the text:

403 Forbidden – You don’t have permission to access ‘/’ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Here’s an example of what it looks like:

403 Forbidden status code shown on a WordPress site

There are different scenarios when you might see this error. For example:

You may also see ‘Access Denied’ instead of the full 403 Forbidden status. Alternatively, the message might say, ‘Access to yourdomain.com was denied. You don’t have authorization to view this page.’

For more explanation about WordPress error codes, you can see our list of the most common WordPress errors and how to fix them.

What Causes the 403 Forbidden Error in WordPress?

The 403 Forbidden error appears when your web server does not believe you have permission to view a specific page.

The most common causes for this are:

  • Poorly Configured Security Plugins: Many WordPress security plugins block IP addresses if they believe them to be malicious, which can sometimes lead to accidental lockouts.
  • Corrupt .htaccess File: This critical WordPress file can become damaged, leading to incorrect access rules.
  • Incorrect File Permissions: Every file and folder on your server has permissions. If these are set incorrectly, the server will block access.
  • Server Configuration Issues: Your WordPress hosting company can sometimes make accidental changes to its server settings that result in a 403 error.

Now, let’s take a look at how to fix the 403 forbidden error in WordPress.

Note: Before you make any changes, we recommend creating a complete backup of your website. Our team uses Duplicator for this, but you can follow our guide on how to back up your WordPress site for other options.

You can use these quick links if you want to skip to a specific method:

Method 1: Deactivate Your Plugins Temporarily

The first step is to check if one of your plugins is causing the error.

To do this, you need to temporarily disable all your WordPress plugins, including any security plugins.

Bulk deactivate all WordPress plugins

If this resolves the problem, then one of the plugins on your website was causing the error.

You can find out which plugin was the culprit by activating them one by one until the 403 error reappears. Once you find the problem plugin, you should delete it and look for an alternative or contact its developers for support.

Method 2: Regenerate Your .htaccess File

Often, the 403 forbidden error is caused by a corrupt .htaccess file on your WordPress site. The good news is that fixing this file is quite easy.

First, you need to connect to your website using an FTP client like FileZilla or the File Manager app in your hosting control panel.

Next, find the .htaccess file in the root folder of your WordPress site. If you can’t see it, you may need to enable hidden files in your FTP client.

See this guide if you can’t find the .htaccess file in your WordPress folder.

Download the .htaccess file to your computer so you have a fresh backup. After that, delete the file from your server.

Don’t worry, your WordPress site will still function temporarily without it.

Delete .htaccess file from your WordPress site

Now, try accessing your website. If the 403 forbidden error is resolved, then your .htaccess file was corrupt.

You can generate a fresh .htaccess file by logging in to your WordPress admin area and going to the Settings » Permalinks page.

Regenerating .htaccess file in WordPress

Simply click the ‘Save Changes’ button at the bottom of the page. WordPress will then generate a new, correct .htaccess file for you.

Method 3: Correct Your File and Directory Permissions

If the other solutions haven’t fixed the error, then incorrect file permissions are the most likely cause. All files on your website have permissions that control who can read, write, and execute them.

Incorrect permissions can cause the 403 forbidden error. They make your web server think you do not have permission to access those files.

You can ask your WordPress hosting provider to check your website for correct file permissions. Many hosts are very supportive and will fix this for you.

Changing file permissions incorrectly can have serious consequences. If you do not feel confident, then it’s best to ask your host or hire a professional.

However, if you want to do it yourself, here is how you can check your file permissions. Connect to your WordPress site using an FTP client and navigate to the root folder containing all your WordPress files.

Checking file permissions

Right-click on a folder and select ‘File permissions’ from the menu.

Your FTP client will show you a permissions dialog box.

Changing file permissions using FTP

All folders on your WordPress site should have a file permission of 744 or 755. All files should have a file permission of 644 or 640.

You can set the permission for the root folder to 755. Check the box to ‘Recurse into subdirectories’ and select the ‘apply to directories only’ option. Click ‘OK’ to apply.

Next, repeat the process for all files. This time, use a file permission of 644. Check the ‘Recurse into subdirectories’ box and select the ‘Apply to files only’ option.

Now, you need to click ‘OK’. Once it is finished, try accessing your website to see if the 403 forbidden error is gone.

Method 4: Clear Your Cache and Cookies

Sometimes, the simplest fix is the most effective. Clearing your browser cache and cookies can resolve the 403 forbidden error. Corrupted data stored by your browser can cause compatibility issues.

Similarly, a corrupted cache generated by a WordPress plugin can also cause problems. We use WP Rocket on our sites, and clearing its cache is a standard troubleshooting step. If your caching plugin has settings to restrict access, misconfigurations could also be the cause.

To clear your browser cache, follow the instructions in our guide on how to clear cache in major browsers.

If you use a plugin, just see our guide on how to clear your WordPress cache.

Method 5: Temporarily Disable CDN (Content Delivery Network)

If you’re using a Content Delivery Network (CDN) to improve site speed, then it might be interfering and causing the error. A CDN acts as a middleman between your server and visitors.

To see if your CDN is the culprit, temporarily disable it through its settings. Then, test your website to see if the error disappears.

If disabling the CDN resolves the error, you’ll need to contact your CDN provider’s support team for further assistance.

Method 6: Check for Malware

Malicious software can cause a variety of issues, including the 403 forbidden error. It can interfere with file permissions or disrupt communication between your website and server.

To check for malware, we recommend scanning your website.

For our own sites, we rely on the powerful scanner included with Sucuri. Many other security plugins also offer malware-scanning features and can often remove malicious files in one click.

Method 7: Contact Your Hosting Provider or a WordPress Expert

If you’ve tried all the previous steps and the error persists, the issue may be on the server level. Reaching out to your hosting provider’s support team is a great next step, as they can check server logs and file permissions for you.

For details, see our guide on how to contact WordPress support.

Video Tutorial

If you prefer more visual instructions, then watch the video below.

Subscribe to WPBeginner

Frequently Asked Questions About WordPress Errors

Here are answers to some common questions related to WordPress errors.

What is the difference between a 403 error and a 404 error?
A 403 Forbidden error means the server understands the request but refuses to grant access due to a permissions issue. In contrast, a 404 Not Found error means the server can’t find the requested page at all.

How can I find WordPress error logs for more clues?
Error logs can provide detailed technical information. You can often find them in your hosting control panel or by enabling WordPress debug mode. Our guide explains how to find and access WordPress error logs.

Is a 403 error similar to a 500 internal server error?
No, they are different. A 403 error is a permissions problem. A 500 Internal Server Error is a more general message indicating that something has gone wrong on the server, but it doesn’t specify what.

We hope this article helped you fix the 403 forbidden error in WordPress. You may also want to see our list of the most common block editor problems and our expert pick of must-have WordPress plugins to grow your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Popular on WPBeginner Right Now!

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Download Now

Reader Interactions

169 CommentsLeave a Reply

  1. Hello, good day. I appreciate your efforts in creating this content. The presence of a 403 error is often due to permission issues. I have encountered it multiple times, and most of the time, fixing permissions resolves the error. I’ve successfully resolved my site’s 403 error with the help of this guide before.

    Reply

  3. For my site it ended up being ModSecurity. I eliminated any robots.txt and .htaccess issues. I found the issue when looking at the apache log and then whitelisted the rule. All was fine after that . Took about 4 days to figure it all out.

    Reply

  5. Thanks for this information! It has been very helpful. I had this error in several pages with broken images (I think this happened after buying a larger hosting plan) and it seems the problem was a corrupted .htaccess file, but thanks to this info I solved it in one minute!

    Reply

  6. Hello,
    i am getting the same error but in my case, i have access to my dashboard. the the problems begin when i click on some admin menu like page, update, setting.

    Reply

    • Our recommendations would be the same even if you still have access to your wp-admin area.

      Reply

      Admin

  7. Thank you so much. I had to restore my website and I got this error. The entire folder for my wordpress site dit not have the right permissions. I changed it and it worked. Thanks so much.

    Reply

    • Thank you for sharing that, if it gets to the point where disabling mod security is what you want to try, we would recommend most beginners reach out to their hosting provider instead to see if their host sees an error or something on their end that could be fixed.

      Reply

      Admin

  14. I am getting 403 Error on Updates page as well as Plugins Add new page any suggestions what can I Do?

    Reply

    • Reach out to your hosting provider for them to take a look and they should be able to help fix that issue.

      Reply

      Admin

  15. I tried all the mentioned points. My site is still showing the same message as “”Your connection is not private” and “403 Forbidden”. Please help…

    Reply

    • If none of our recommendations are able to assist you, we would recommend reaching out to your hosting provider to ensure there are no issues on their end.

      Reply

      Admin

    • There can be or sometimes the host may prevent the file permissions from being changed. If our guide did not help we would recommend reaching out to your hosting provider and they should be able to assist.

      Reply

      Admin

  19. Hi, how to solve the 403 forbidden but only happens when try to publish or update post/pages? I have no problems when accessing website or upload media

    Reply

    • Reach out to your hosting provider for them to take a look and they should be able to assist and fix that issue.

      Reply

      Admin

  24. I have done all the thing read in this article yet the problem persist is there any other solution?

    Reply

    • If none of these recommendations helped, we would recommend reaching out to your hosting provider and they can normally assist

      Reply

      Admin

  25. Followed up all tips, thank you. The htaccess one was closest: after removing the image Hotlinks rule within, my site is finally back to normal!

    Reply

  26. I never knw .htaccess get corrupt. Tip number 2 fixed it quickly but I was unable to generate the .htaccess. So I downloaded, delete and re-upload the .htaccess and it worked super fine. Thank you, WPBeg

    Reply

  28. Hi,

    Suddenly my website is showing a message “This site can’t be reached” .Can anybody help me ? i am unable to fix it for last 7days.

    Thanks,

    Reply

    • Have you reached out to your hosting provider? They can normally let you know any errors they can find on your site.

      Reply

      Admin

  30. I’m glad I read the post and tried everything mentioned here but it did not work. However, the user comments were resourceful. I tried step by step all the suggestions people have mentioned and I found that MOD SECURITY, just as others have mentioned, is the main culprit.

    Since I’ running a VPS, I disabled it from my control panel and did the adjustments I wanted on my site and it worked like a charm!.

    Reply

  31. After I installed wordpress. My webpage is still on 403 error and when I go to /wp-admin a 404 error appears. Basically wp-admin is missing. How should I fix this?

    Reply

  32. Hi,

    My images don’t appear at all when I view my site on different web browsers.

    What could be causing this?

    cheers

    Reply

  33. I have tried all the things, checked stackoverflow, google, than tried these paths and none of them work. The last thing i did i reinstalled wordpress from dashboard and it worked. 403 forbidden disappeared…

    Thank you anyway for this article. hope my exp will help others also :)

    Reply

    • Should the problem continue with yoast, if you reach out to the plugin’s support they may be able to update and fix the problem :)

      Reply

      Admin

  39. File uploads with illegal characters (e.g. apostrophe in my recent cases) cause a 403 error. I have seen this with file submissions in Gravity and WPForms.

    Reply

  40. I have started a new website for an individual through WP. When old website is pulled up, it gives a “Forbidden- access denied on this server”. I have tried many things through WP to fix the problem, but since it was that way before, would it be something from the last webhost? I have changed the nameservers on the domain site to the new host site I’m using. The new host has it as primary domain, but says domain is locked. Would unlocking the domain name make a difference? Any help would be MUCH APPRECIATED!!

    Reply

    • If the domain is locked then your old hosting provider normally may not be accepting the nameserver edits. If you reach out to where the domain is currently hosted they should be able to ensure the domain is pointing correctly.

      Reply

      Admin

  42. “Failed to load resource: the server responded with a status of 403 (Forbidden) async-upload.php:1” is the console error log I am seeing when I try to upload an image to media in the dashboard. It says “http error” when I try upload any files. And they’re only a few kb, also the upload size has been increased already.

    Any suggestions?!

    Reply

    • Reach out to your hosting provider and let them know about the issue and they should be able to assist

      Reply

      Admin

  44. Hiya Folks, I worked through everything and nothing seemed to fix my problem then I had a spark of genius. If you use Cpanel then check under the Security option for Hotlink protect. You may have it turned on. Just add your full site website web address to it and click submit it should work. It did for me

    Reply

  45. why i am getting this problem –
    Failed to load resource: the server responded with a status of 403 (Forbidden)
    wp-content/themes/health/assets/slabText/css/slabtext.css?ver=5.0.3

    Reply

    • You would want to take a look at step 3 in the article for an error like that with your theme

      Reply

      Admin

  47. Works for me after i disabled ModSecurity on Cpanel. If you don’t have access to this option, contact your host provider and say that you want to disable this option.
    Hope that works for y’all!

    Reply

  48. Hi, Please help.. I got this error when i tried to log in my wp-admin ..

    HTTP Error 403 – Forbidden
    The Web server is configured to not list the contents of this directory or you do not have enough permissions to access the resource

    Error. Page cannot be displayed. Please contact your service provider for more details. (14)

    Thanks in advance

    Reply

  49. When i was putting my second addon doamin i select blog in directory (optional). I think it should be empty now i can’t see my website when i enter sitename .com its says error. i can access my wp admin as sitename .com/blog/wp-admin. i want to remove blog from it. My first website on this hosting is working fine with wordpress, Godaddy. I don’t know what to do please some one help me???

    Reply

  50. Thanks guys.
    You saved me a whole lot.
    I just discovered my Public Permissions were not readable and Executable.

    Reply

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

Copyright © 2009 - 2025 WPBeginner LLC. All Rights Reserved. WPBeginner® is a registered trademark.

Managed by Awesome Motive | WordPress hosting by SiteGround

The WordPress® trademark is the intellectual property of the WordPress Foundation. Uses of the WordPress®, names in this website are for identification purposes only and do not imply an endorsement by WordPress Foundation. WPBeginner is not endorsed or owned by, or affiliated with, the WordPress Foundation.

I need help with…

Popular searches:

Starting a Blog WordPress SEO WordPress Performance WordPress Errors WordPress Security Building an Online Store