Resources     Blog  

  1. Home
  2. WordPress Tutorials
  3. The Easiest Way to Fix a 403 Forbidden Error in WordPress

The Easiest Way to Fix a 403 Forbidden Error in WordPress

Forbidden errors arise when your site has permission settings that are incorrect. Every file and folder has a permission access number that can control whether the content is writable, executable or readable. It can cause a great deal of damage when trying to attract visitors if these get changed. The error can also affect your reputation as a professional in your field as people will not be able to access your content. Even though 403 forbidden errors on a WordPress site can be problematic, they are actually quite easy to identify and fix. In some instances, it could be as easy as re-configuring a security plugin or removing one that is corrupt.

Verifying Plugins as the Cause of the 403 Error

verify plugins

Not every plugin you come across in WordPress will be compatible with your site. In fact, there are several plugins that simply don’t work well when put together. In order to verify that a plugin is causing the 403 error on your site, you’ll need to do the following:

  1. Deactivate all plugins that are installed on your WordPress Site.
  2. Re-activate one of the plugins on your list.
  3. Visit the site to see if the 403 error is being displayed.
  4. Repeat steps two and three until the 403 error is shown. This is the plugin that is causing the problem. You may need to change its configuration settings or remove it entirely.

If you deactivate all of your plugins and the 403 forbidden error is still being displayed, then the problem may not be plugin-related. If this is the case, then you’ll need to do additional troubleshooting.

Checking the .htaccess File of Your Site

check ht access

The .htaccess file can cause a lot of complications on your site if it’s not properly configured. A corrupt or modified file can prevent users from accessing certain pages or even the entire site itself. If you are not sure how to find your WordPress .htaccess file, read this previously posted article.  There are two ways you can check the .htaccess file of your site: through FTP access or WordPress Plugins.

FTP Access

If your web hosting company uses applications like cPanel, the .htaccess file can be directly accessed and modified by using the “File Manager” tool for your domain. Other FTP programs can be used to access those files as well, such as CuteFTP or FileZilla.

WordPress Plugins

Using WordPress plugins can help stabilize the .htaccess file, such as WP htaccess Control. These can be found by going to the “Plugins” section of your dashboard, click on “Add New” at the top and search for “htaccess.”

Removing the .htaccess File

If you believe the .htaccess file is corrupt or having problems, you can simply remove it entirely. Using FTP access or otherwise viewing the root folder of your website, you can delete the file from the system. After this is done, go to “Settings” in the WordPress dashboard and select “Permalinks” in the list. Once you hit the “Save Changes” button, a new .htaccess file will be created automatically. Note: you don’t have to change any of your current settings in order to press this button.

Addressing File Permissions of Your Website

file permission

File permissions can be somewhat time consuming to fix if you don’t have the right software. Many FTP clients will give you access to those permissions and allow you to change them. However, you must be confident in what you’re doing. If you don’t know exactly how to change the access numbers of webpages and content, you could disable a large number of features on the site.

The folder permissions of any WordPress site should be set to 744 or 755. Anything else could prevent new content from being added to the folder. This could prevent future updates, additions or changes you may need to make later on.

File permissions should be set to 644 or 640. If these numbers are set incorrectly, it could lead to hackers and bots having the ability to edit those files. This could lead to compromises and malicious code to be delivered to your visitors.

Some FTP clients will allow you to change these permissions en mass. This could save you a great deal of time from accessing each file one-by-one. Just be absolutely sure you understand the risks before altering any of these permissions.

A 403 error can be somewhat debilitating for the site if it’s not addressed immediately. Keep an eye on your webpages and analytical data as this will show you if visitors are experiencing this problem. Keep your thumb on the pulse of the website and make sure it’s always active – even if you’re not.

What kinds of errors plague your website? What kind of tools do you have readily available to fix these kinds of problems?

Was this article helpful?

Related Articles


  1. This does not address the issue of INTERMITTENT 403 errors, which is the search parameters which found this article. That is, yes, if you ALWAYS get 403 errors, then you have a bona fide permission problem, and this article will help. BUT, when your permissions are already 100% correct, but you still get 403 errors, say, 20% of the time — THEN WHAT?

  2. Hi
    I had the problem that not only were the sitepages, and preview pages not being displayed and had “You don’t have permission to access” without any error code.
    I carried out the procedure of resetting permissions, and wen as far as 775.
    Then I deleted the ,htaccess file , went to permalinks and clicked save. Following which I went to appearance, themes, selected a theme preview, where I get:
    with currently used theme:”Forbidden
    You don’t have permission to access this resource.”
    or with a new theme:
    “Not Found
    The requested URL was not found on this server.
    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.” in the preview window. ”

    All along I have the menu down the left side visible.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.