Forbidden errors arise when your site has permission settings that are incorrect. Every file and folder has a permission access number that can control whether the content is writable, executable or readable. It can cause a great deal of damage when trying to attract visitors if these get changed. The error can also affect your reputation as a professional in your field as people will not be able to access your content. Even though 403 forbidden errors on a WordPress site can be problematic, they are actually quite easy to identify and fix. In some instances, it could be as easy as re-configuring a security plugin or removing one that is corrupt.
Verifying Plugins as the Cause of the 403 Error
Not every plugin you come across in WordPress will be compatible with your site. In fact, there are several plugins that simply don’t work well when put together. In order to verify that a plugin is causing the 403 error on your site, you’ll need to do the following:
- Deactivate all plugins that are installed on your WordPress Site.
- Re-activate one of the plugins on your list.
- Visit the site to see if the 403 error is being displayed.
- Repeat steps two and three until the 403 error is shown. This is the plugin that is causing the problem. You may need to change its configuration settings or remove it entirely.
If you deactivate all of your plugins and the 403 forbidden error is still being displayed, then the problem may not be plugin-related. If this is the case, then you’ll need to do additional troubleshooting.
Checking the .htaccess File of Your Site
The .htaccess file can cause a lot of complications on your site if it’s not properly configured. A corrupt or modified file can prevent users from accessing certain pages or even the entire site itself. If you are not sure how to find your WordPress .htaccess file, read this previously posted article. There are two ways you can check the .htaccess file of your site: through FTP access or WordPress Plugins.
If your web hosting company uses applications like cPanel, the .htaccess file can be directly accessed and modified by using the “File Manager” tool for your domain. Other FTP programs can be used to access those files as well, such as CuteFTP or FileZilla.
Using WordPress plugins can help stabilize the .htaccess file, such as WP htaccess Control. These can be found by going to the “Plugins” section of your dashboard, click on “Add New” at the top and search for “htaccess.”
Removing the .htaccess File
If you believe the .htaccess file is corrupt or having problems, you can simply remove it entirely. Using FTP access or otherwise viewing the root folder of your website, you can delete the file from the system. After this is done, go to “Settings” in the WordPress dashboard and select “Permalinks” in the list. Once you hit the “Save Changes” button, a new .htaccess file will be created automatically. Note: you don’t have to change any of your current settings in order to press this button.
Addressing File Permissions of Your Website
File permissions can be somewhat time consuming to fix if you don’t have the right software. Many FTP clients will give you access to those permissions and allow you to change them. However, you must be confident in what you’re doing. If you don’t know exactly how to change the access numbers of webpages and content, you could disable a large number of features on the site.
The folder permissions of any WordPress site should be set to 744 or 755. Anything else could prevent new content from being added to the folder. This could prevent future updates, additions or changes you may need to make later on.
File permissions should be set to 644 or 640. If these numbers are set incorrectly, it could lead to hackers and bots having the ability to edit those files. This could lead to compromises and malicious code to be delivered to your visitors.
Some FTP clients will allow you to change these permissions en mass. This could save you a great deal of time from accessing each file one-by-one. Just be absolutely sure you understand the risks before altering any of these permissions.
A 403 error can be somewhat debilitating for the site if it’s not addressed immediately. Keep an eye on your webpages and analytical data as this will show you if visitors are experiencing this problem. Keep your thumb on the pulse of the website and make sure it’s always active – even if you’re not.
What kinds of errors plague your website? What kind of tools do you have readily available to fix these kinds of problems?