HTTP error 403 - Forbidden

Generally, the HTTP error 403 - Forbidden means that access to the file/folder you are trying to open has been denied, either on purpose or due to a misconfiguration . It's probably because the site owner has limited access to it and you don't have permission to view it. FORBIDDEN: Status code (403) indicating the server understood the request but refused to fulfil it.


How to Fix a 403 Forbidden Error

For end-users

The vast majority of the time, there's not much you can do to fix things on your end. Still, there are some things you can try.

  1. Refresh the Page
  2. Double Check the Address
  3. Clear Browser Cookies and Cache
  4. Check firewall settings
  5. Deactivate browser extensions
  6. Try Again Later
  7. Contact website administrators

For site administrators

There are three common causes for this error

  1. An empty website directory
  2. No index page
  3. Permission and Ownership error

An empty website directory

Make sure that your website content has been uploaded to the correct directory on your server.

Plesk server

When someone creates a website, Plesk not only adds a new virtual host to the web server but also creates the site's directory structure e and fills the directories with certain initial content. These directories are located in the corresponding virtual host directories :

On Linux: /var/www/vhosts/ 
On Windows: C:\inetpub\vhosts\

By default it creates the directories below:

/var/www/vhosts/example.com/httpdocs/

- domain's root directory (may be changed in the Domains > example.com > Hosting Settings);

When you connect with your FTP user, you just need to navigate into the httpdocs directory. Moreover, be sure to replace example.com with your actual domain name.

cPanel server:

The /home/example/public_html/ folder is the web root for your primary domain name. This means that public_html is the folder where you put all website files which you want to appear when someone types your main domain. when someone types your domain name into their browser, whatever is in your public_html directory is what will be shown to them.

When you connect with your FTP user, you just need to navigate into the public_html directory. Be sure to replace example with the name of your cPanel account username.

IIS:

Microsoft turn off the most basic features by default. Go to Turn Windows features on or off.

public_html directory
Internet Information Services

No index page

The default document is the first file the server sends when someone visits your site. The default document is usually index.html or index.php, but you can configure it to be any file you want.

Index files option is set to Default at:

Linux: Domains > example.com > Apache & Nginx Settings
Windows: Domains > example.com > IIS Settings

To resolve this 403 Forbidden error, upload an index page to your httpdocs or public_html directory.

If you already have a home page called something else - example.html , you have a couple of options to change it:

  1. Rename your home page to index.html or index.php.
  2. Set up a redirect on the index page to your real home page.
  3. Set a different default home page in your .htaccess file.

HTTP Error 403.14 - Forbidden in IIS

The Web server is configured to not list the contents of this directory.

In IIS, a default document is not configured for the requested URL, and directory browsing is not enabled on the server.

How to enable directory browsing?
  1. Go to the IIS Express install directory.

  2. Run appcmd set config /section:system.webServer/directoryBrowse /enabled:true to enable directory browsing at the server level.

  3. Run appcmd set config ["SITE_NAME"] /section:system.webServer/directoryBrowse /enabled:true to enable directory browsing at the site level.

Moreover, verify that the configuration/system.webServer/directoryBrowse@enabled attribute is set to true in the site or application configuration file

Permissions and ownership errors

HTTP Error 403.14 – Forbidden error can also be caused by incorrect ownership or permissions on your website content files and folders.

Permissions

  1. for directories
find /desired_location -type d -print0  xargs -0 chmod 0755
  1. for files
find /desired_location -type f -print0  xargs -0 chmod 0644

Additionally, if you know PHP runs as the user and not as "apache", then you can set PHP files to 600, for an extra level of security, eg:

find . -type f -name '*.php' -exec chmod 600 {} \;

Ownership

The concept of owner and groups for files is fundamental to Linux. Every file is associated with an owner and a group. You can use chown and chgrp commands to change the owner or the group of a particular file or directory.

Every Linux system have three types of owner:

  1. User: A user is the one who created the file. By default, whosoever, creates the file becomes the owner of the file. A user can create, delete, or modify the file.

  2. Group: A group can contain multiple users. All the users belonging to a group have same access permission for a file.

  3. Other: Any one who has access to the file other than user and group comes in the category of other. Other has neither created the file nor is a group member.

Users and groups can be locally managed in /etc/psswd or /etc/group .

Plesk server: domain - example.com, domainuser - FTP user 
/var/www/vhosts/example.com/ - root:root
/var/www/vhosts/example.com/httpdocs/ - domainuser:psaserv
/var/www/vhosts/example.com/httpdocs/index.html - domainuser:psacln
cPanel server: account user - example 
/home - root:root
/home/example - example:example
/home/example/public_html - example:example

The chown command is used to change file ownership settings. The basic syntax is:

chown owner-user file
chown owner-user:owner-group file
chown owner-user:owner-group directory
chown options owner-user:owner-group file

Nginx 403 forbidden error


Nginx 403 forbidden for all files, Nginx 403 error: directory index of [folder] is forbidden

Nginx 403 Forbidden error is a status code generated and displayed to the user when a client tries to access a part of the webserver with insufficient permissions. When nginx access a directory, it tries to index it and return the list of files inside it to the browser/client, however by default directory indexing is disabled, and so it returns the error " Nginx 403 error: directory index of [folder] is forbidden".

Incorrect Index File

The try_files tries the literal path you specify in relation to the defined root directive and sets the internal file pointer. If you have directory indexing off, and is having this problem, it's probably because the try_files you are using has a directory option:

location / { try_files $uri $uri/ /index.html index.php; }

to

location / { try_files $uri /index.html index.php; }

Incorrectly set permissions

This error can also result from files and directories having incorrectly set permissions. In order to resolve this , change the directories permission to 755 and the file permissions to 644 . Make sure that the user running the Nginx process owns the files. For example, set user to www-data:

sudo chown -R www-data:www-data *

Finally, set the directory and file permissions as:

sudo chmod 755 {dir} sudo chmod 644 {files}


NEXT.....How long can a URL be?