What Is a 403 Forbidden Error?
A 403 Forbidden error means the server understood your request but is refusing to fulfil it. Unlike a 401 error, authentication will not help — the server has decided you are not allowed to access the resource.
Common Causes
- Missing index file – If your web root does not contain an
index.htmlorindex.phpfile and directory listing is disabled, the server returns 403. - Incorrect file permissions – Overly restrictive permissions (e.g.,
600on files or700on directories) prevent the web server from reading your content. - IP blocking rules – Your
.htaccessfile or a security plugin may contain rules that deny access from certain IP addresses or countries. - ModSecurity rules – The server's web application firewall may flag a request as suspicious and block it.
- Hotlink protection – If hotlink protection is enabled, external sites trying to embed your images will receive a 403.
How to Fix It
- Upload an index file – Make sure your document root contains an
index.htmlorindex.phpfile. - Reset file permissions – Set files to
644and directories to755. You can do this in bulk through File Manager by selecting all files and clicking Change Permissions. - Review .htaccess rules – Look for
Deny from allorRequire all denieddirectives and remove or adjust them. - Check IP blocks – In cPanel, navigate to Security > IP Blocker and make sure your own IP is not listed.
- Whitelist in ModSecurity – If ModSecurity is the cause, you can disable specific rules in cPanel under Security > ModSecurity, or contact support for guidance.
Need More Help?
If the 403 persists after these steps, contact our support team with the URL that is returning the error and any relevant .htaccess contents.