Trying to access the webpage without proper authorization is the major reason for getting 403 Forbidden error on the browser. However, on certain situations, even with the appropriate authorization to access the content, the web browser may fail to send the accurate credentials to the web server. In this case, server will send 403 access forbidden HTTP status code in the response. The status code 403 on the response indicates that the web server denied the access to the content. Depending upon the case, it can be fairly easy or challenging to diagnose and resolve 403 Forbidden error.
Learn how to fix 400 invalid request, 401 unauthorized request, err_connection_reset, err_internet_disconnected, err_network_changed, err_connection_refused, DNS_probe_finished_nxdomain and err_connection_closed errors in Google Chrome.
How to Fix 403 Forbidden HTTP Error?
Different browsers may interpret the 403 status code from server in different manner. In general, you will see a clear message indicating that you have been blocked from accessing the content.
In addition, the solution to fix the error may vary depending upon whether you are a normal user or website owner. In both situations, here are the steps you can try to resolve 403 forbidden HTTP error.
For Normal Users
As an user, you will see 403 error message on the browser. You can try to fix the problem only at browser or computer level.
1. Check the URL
Most us access webpages from bookmark, Google Search or from any other offline resources like PDF documents. This can result in accessing the wrong URL while the website owner might have deleted the original page or changed the URL without appropriate redirection.
There could also be spelling mistakes when you try to type in the URL in address bar. So, double check the URL and make sure that there are no errors. This is often a good procedure for resolving 4xx errors. As an example, the URL could be incomplete, causing your web browser to perform directory browsing of the website. In most situations, websites disallow directory browsing by default and you will see 403 forbidden error on the browser.
If you are the website owner, move on to solution 8 for fixing directory browsing.
2. Check Permission for Desired Actions
It is not necessary that after login to the site you can get access to all the content. Most websites offer free subscription for limited access and still needs premium account for accessing paid content. In such case, trying to access the premium content may result in 403 forbidden error. Ensure that you have proper authorization to access the resource on the website.
3. Clear Cookies
Website owners distribute cookies with the content to track user activities. Cookies are small pieces of information that stores the specific type of data. For example, cookies store details like session id, login credentials, click tracking, affiliate link tracking and page view tracking. They remind web servers about your preferences and latest status of your devices. Cookies are essential for some websites, because they store your authentication status to inform the web server about your level of authorization. Invalid or corrupted cookies can cause authentication problem and the 403 Forbidden Error would be generated. You can follow the process in our separate article to delete cookies in Google Chrome. The process remains same for most other browsers like Firefox and Edge. On Safari, you can delete cookies from the “History > Clear History…” menu.
4. Clear Cache
Cache is an accumulation of data, mostly copies of content of the webpages that you regularly visit. As an example, if you open Facebook each day, the browser stores the images, stylesheets and other static data from Facebook. So, the next time you open Facebook, your browser will only load dynamic data, resulting in faster performance.
However, any recent changes on the website will cause conflict with cached data on your browser. The corrupted and outdated cache on your browser can also cause 403 forbidden Error. Clearing cache is similar to clearing cookies. When you clear cookies, select the option to delete all browsing history and cached content. After that try to access the page and check whether you can access the page.
5. Logout and Login
Some users login to the site and never logout for many days without shutting down the computer. On most websites, the login will be valid for certain time. This makes your session invalid and the web server can’t recognize your session id. In such situation you will see 403 forbidden error when trying to access the content.
If you did not logout for many days then the simple solution is to logout and login again. This could help to resolve the issue.
6. Location Blocking
Website owners may intentionally block the IP addresses of specific countries from accessing their content. This is very common to block traffic from countries like China and Russia for security reasons. In this situation, you will see message like below on the browser indicating that the web server blocks your geographical location.
You can either contact the webmaster of the site or use VPN to change your IP address and access the site.
If you are not able to solve the problem with any of the above listed methods, then contact the website owner to get support on the issue.
For Website Owners
As a website owner, you may face or your users may report to you 403 error in different scenarios. Try the following solutions to fix the error.
8. Enable Directory Browsing
As explained above, the server may result in 403 error when the users try to access the partial URL. For example,
Complete URL: site.com/news/news1.html
Partial URL: site.com/news/
When the URL is incomplete, your browser will show the content of the directory instead. As website owner, it is up to your decision to allow or deny access to the “news” directory on the server. Though there is nothing wrong about enabling directory browsing, we recommend disabling for security reason.
If you still want to enable directory browsing, simply add the Options –indexes in your .htaccess file. Alternatively you can disable directory browsing from cPanel or get the support from your webhosting company.
9. Disable .htaccess File
The.htaccess file is the configuration file that’s located at the root of the website. If there is a misconfiguration in .htaccess file, most possibly you will get 403 forbidden error. One good way to determine whether .htaccess file is causing the problem is by disabling it. An easy way is to rename the .htaccess file to other names, such as .htaccess.bak or .htaccess.001. Follow these steps to access .htaccess file:
- Open your cPanel hosting account and go to the File Manager or similar option.
- Find .htaccess file at the root directory of your website.
- Right click and rename it.
Check you can access the webpage. If 403 error no longer appears, check your .htaccess file to find any snippet of code that could cause the error.
10. Check File Permission
Accessing webpages and directories from the server need appropriate file permission. Otherwise, you will see 403 forbidden error when trying to access the page with inappropriate file permission setup in the web server. It is also possible that you have accidentally changed the permission causing problems in accessing some webpages publicly. If users report that some of your webpages cause 403 forbidden Error, check their permission and make sure users get the “read” permission.
11. Check Server Configurations
Modern web servers can be quite complex and you can customize the behavior of the server. As an example, web servers might be configured to reject any request for specific directories or files. This will generate the 403 forbidden error when trying to access the directory from browser.
Let us explain this case with the popular WordPress content management system. You can install many plugins to enhance the features of WordPress. However, plugins related to security and membership can change the file permission of certain directories to prevent public access. You need to aware of this and work accordingly.
12. Check Server Connection
Temporary unavailability of the server may cause connectivity issues and cause 403 forbidden error. For example, you may be doing some maintenance activity on the server. Also many applications or websites don’t reside on one physical server; they might have distributed in a cloud-based network. When facing 403 error, you can administrators to check whether it is associated with data stored from a specific server and resolve the problem.
13. Image Hotlinking
Image hotlinking is a process of preventing others from directly linking your images on their site. This helps to save your bandwidth and hosting charges. If you have enabled hotlinking then the images may stop loading on unauthorized domains and show 403 error. You can go to cPanel and add additional domains or disable hotlinking to show the images.
403 forbidden error can happen due to multiple reasons. In simple cases, you can correct the error by checking the URL and clearing the cache and cookies. However, this could be a complex task for website owners. You can try the solutions listed for website owners to resolve the issue.