Home | Client Login | Server Status | Contact
 

403 Forbidden Error

Generally speaking, a 403 Forbidden error means that permission has been denied to a file/folder.

The most common cause for this is due to code in your .htaccess file which may be denying access to certain parts of your site for security reasons. It can also be caused by the security systems in place on our servers.

If the issue is happening when trying to access a folder, code in your .htaccess file could be disallowing directory listings. Lets say you created a folder named 'test' in your public_html and uploaded several images to it without uploading an index.php or index.html file, if you went to yoursite.com/test/ you would see a listing of all of the images. With directory listing disabled, you'd see a 403 error instead, this is better as it prevents potential attackers from being able to see the individual files of your website.

The same can be true for other files, folders, or file extensions, for example if your website has a config.php file,  its fairly common for web access to config.php to be restricted in .htaccess to prevent attackers accessing your config file, instead they'd see a 403 error when trying to visit yoursite.com/config.php for example.

If you are encountering a 403 error when carrying out a certain task - for example whilst trying to make a blog post in Word Press, firstly login to cPanel and click the ModSecurity icon and temporarily disable ModSecurity and see if this resolves the issue.

If it does resolve the issue, please raise a support ticket and let us know so that we can investigate further - if you're happy to leave ModSecurity disabled because its badly effecting your website you can do, there are other security mechanisms in place, but there is a slightly increased risk leaving it disabled. If preferred, re-enable it and raise a support ticket.
Sometimes, ModSecurity can be triggered when by genuine actions, if the 403 error goes away with ModSecurity disabled please let us know so that we can resolve the issue for you.

Once we've resolved the issue, ModSecurity should be re-enabled in cPanel.

If disabling ModSecurity doesn't work, check your .htaccess file using File Manager in cPanel (you need to click the settings icon and tick the show hidden files and click save), or using FTP - you could remove the dot from .htaccess and this will effectively disable it. You should then test again to see if the issue persists, if it solves the issue, you'll need to adjust your .htaccess file to resolve the issue.  Remember to put the dot back in front of .htaccess and re-enable ModSecurity if you haven't done so already.



You can disable directory listings by adding the below to your .htaccess file:

Options -Indexes


Note: Placing the above in public_html will enable directory listings on all folders on your account - if its only needed on one folder, place it within the .htaccess file within that folder (you may need to create a file named .htaccess if it doesn't already exist).



Was this answer helpful?

Add to Favourites
Print this Article

Also Read
Official cPanel Manual (Views: 2479)
Official WHM Manual (Views: 2251)
Common Paths - PHP, SendMail, Perl, ImageMagick, Python, Curl etc (Views: 2508)
Cant access your website/email/ftp? Server Status page says everything is online? (Views: 1064)
PHP Time Zone Errors (Views: 670)

Web Hosting

Reseller Solutions

Audio Streaming

Other Links

Company

Galaxy Web Solutions Ltd. Registered in England and Wales. Registered no: 06737243.
Copyright © Galaxy Web Solutions Ltd. All rights reserved.