If you encounter the WordPress 403 Forbidden error, you might not be able to log in to the back end of your site or access a specific page. This can be frustrating and prevent you from getting important work done.
The good news is that there are several easy strategies you can try to resolve this common WordPress error. For example, you can clear your browser cache, deactivate your plugins, or turn off your CDN. If none of that works, you can try a more advanced tactic, such as restoring your .htaccess file or updating your file permissions.
👉 In this post, we’ll start by introducing the WordPress 403 Forbidden error and what causes it. Then we’ll go over some ways you can troubleshoot this pesky issue. Let’s get to it!
An introduction to the WordPress 403 Forbidden error
Before we show you how to fix the WordPress 403 Forbidden error, let’s talk a bit about what it means. As the name suggests, this message displays when you don’t have access to the server you’re trying to reach.
You’re most likely to encounter this error when trying to log in to your WordPress admin dashboard or when installing the core software for the CMS. However, it can also happen on any page or post you’re trying to visit.
That can make this issue particularly frustrating. Fortunately, you can take action to get rid of it. 😎
How to fix the WordPress 403 Forbidden error (7 strategies)
Now that you know a bit more about the WordPress 403 Forbidden error, we’ll show some strategies you can try in order to fix it. They’re roughly ordered from easiest to hardest, so it’s best to start at the top with a few proven troubleshooting tricks.
- Clear your browser cache
- Deactivate your plugins
- Turn off your CDN
- Disconnect from your VPN
- Remove and restore your .htaccess file
- Update your file permissions
- Contact your web hosting provider
1. Clear your browser cache 🧹
Let’s begin with one of the simplest ways to fix the WordPress 403 Forbidden error. A corrupt or outdated browser cache can make it impossible for the server to retrieve the content for the web page you’re trying to access properly. In that case, clearing your browser cache may be enough to resolve the problem.
The steps to do this will depend on which browser you’re using. For example, in Google Chrome you’ll click on the three dots in the upper right-hand corner of your browser screen:
Go to More Tools → Clear Browsing Data. You’ll see a pop-up:
Make sure the box for Cached images and files is selected. If you don’t want to delete other data, you can uncheck the boxes for Browsing history and Cookies and other site data.
To be safe, you may want to set the Time Range to All Time. When you’re happy with your selections, click on Clear Data.
👉 Themeisle has a guide on how to clear the browser cache in other browsers.
2. Deactivate your plugins 🔌
If you’re still seeing the WordPress 403 Forbidden error after clearing your browser cache, that means the problem is somewhere else. A smart next tactic is to try deactivating your WordPress plugins.
That’s because an outdated or corrupt plugin could be causing the issue.
If you’re still able to access your WordPress dashboard, you can easily deactivate your plugins right from the dashboard. However, if you’re unable to access your dashboard because of the 403 Forbidden error, you can also deactivate plugins via FTP (covered below).
Deactivate plugins via WordPress dashboard
If you do have access to your admin screen, first create a backup of your site, and ideally use a staging site for the following process. Then go to Plugins → Installed Plugins:
Under each plugin, you’ll see a link labeled Deactivate. Now, deactivate one plugin, then return to the page that’s showing the error. If it’s resolved, you’ll know that plugin was the root of the issue.
Otherwise, go through your entire plugin list and deactivate them one-by-one, checking your error page each time. If you can pinpoint a plugin that’s causing the 403 error, try deleting it entirely and re-installing it. Also, make sure the plugin is up-to-date. If the issue persists and is caused by an essential plugin, you may need to look for an alternative.
If you have a lot of plugins and the above seems too tedious, you can try deactivating them all at once. However, be especially wary of doing this on a live site rather than a testing/staging copy.
Return to Installed Plugins, and check the box next to Plugins to select them all. Then open the drop-down menu for Bulk Actions:
Select Deactivate, followed by Apply. If the error message goes away, you know that one of your plugins was at fault, and you can follow the process described above to test them one by one.
Deactivate WordPress plugins via FTP
If you’re unable to access your WordPress dashboard, you can also deactivate your plugins by connecting to your site’s server via FTP using an FTP client such as FileZilla.
Not sure what FTP is? Themeisle has a good introduction to FTP for WordPress users.
Once you’ve connected to your server, here’s what to do:
- Find the plugins folder inside the wp-content folder.
- Right-click on the plugins folder and choose the option to rename it.
- Change the name to something like plugins-off.
Changing the name of the folder will automatically deactivate all of the plugins on your site. You can then try accessing your site’s dashboard to see if the WordPress 403 Forbidden error has disappeared.
If the error is gone, you know that there’s an issue in one of your site’s plugins.
You can then go back to your FTP client and rename the folder back to plugins from plugins-old. As long as you’ve logged in to your WordPress dashboard, the plugins should now appear in the Plugins list again, but they will rename inactive.
You can reactivate them one by one until you find the plugin that’s causing the WordPress 403 Forbidden error on your site.
3. Turn off your CDN 💻
Implementing a content delivery network (CDN) on your website can be an excellent way to ensure that it performs optimally, no matter where your visitors are located. However, if there is an issue with your CDN’s server configuration, this could result in the WordPress 403 Forbidden error.
You can turn off your CDN to test this. There are many different CDN providers, but Cloudflare is one of the most popular. So we’ll use it for our example. Log in to your Cloudflare control panel, and go to Overview in the menu:
After that, scroll to the bottom of the page and find Advanced Actions. As you can see, you can either pause or completely remove your site from Cloudflare. We recommend just pausing it to start.
Then you can test your site to see if the 403 error persists.
4. Disconnect from your VPN 🚧
If you use a virtual private network (VPN) to protect your privacy, this could also be causing the issue. So you might need to disconnect it.
That process will vary depending on your provider. However, it’s usually simple. It may be as easy as toggling an off switch in your Chrome extension settings. Once you’ve disconnected your VPN, revisit the page that was displaying the error to determine whether this was the issue.
5. Remove and restore your .htaccess file 🔄
If none of the above methods have fixed the WordPress 403 Forbidden error, you can try removing and restoring your site’s .htaccess file. It could be corrupt.
However, keep in mind that this method is only suitable for advanced WordPress users. Managing website files is a delicate process, and even a tiny mistake could severely impact the functionality of your website.
Even if you’re comfortable moving forward, you’ll still want to begin this process by making a fresh backup of your site. Once that’s done, you’ll want to connect your website to an FTP client such as FileZilla.
To do this, you’ll need your FTP credentials from your web host. If you’re not sure what they are, you can find them in your control panel or reach out to your web host’s support team. Once your site is connected, you’ll be able to manage its files remotely:
Now, locate your root folder, which should be labeled something like public_html:
Within this folder, find the .htaccess file. Before going further, we recommend downloading a copy of this file so that you have a backup of its current configuration.
Once you’ve done that, you can Delete the .htaccess file.
Then, revisit the WordPress page that was displaying the 403 Forbidden error. If it’s now working, you’ve identified the problem.
Next, you’ll need to generate a new .htaccess file. To do this, go to Settings > Permalinks in your WordPress dashboard:
Scroll down to the bottom of the page and hit Save Changes. There’s no need to change any settings – just click the Save Changes button. This will generate a new .htaccess file for your site.
6. Update your file permissions 🔒
Another potential cause of the WordPress 403 Forbidden error is incorrect file permissions. That means you may need to update those permissions. This method also involves file management, so only proceed if you’re an experienced WordPress user and you’ve backed up your site.
Connect your site to an FTP client (as in the previous method). Then, find your public_html folder and right click on it:
Select File Attributes:
In the pop-up window, find the Numeric value field and input “750” or “755” (depending on what’s already there). Then select the Recurse into subdirectories box and the Apply to directories only option, and hit OK.
Next, right click on your public_html folder again and open File Attributes:
This time enter “644” for the Numeric value, and only select Recurse into subdirectories and Apply to files only. Hit OK, and test your site to see if the 403 error is resolved.
7. Contact your web hosting provider 📞
If none of the above strategies helped you resolve that pesky WordPress 403 Forbidden error, or if you don’t have the technical skills to attempt some of them, you can always contact your web hosting provider for help.
Depending on your hosting plan, you may be able to reach out via chat, email or telephone.
If you don’t find your host’s support to be very helpful, switching to a high-quality WordPress host might be able to help you fix the problem (and prevent issues in the future).
Fix the WordPress 403 Forbidden error for good 🛠️
Whether you’re a WordPress developer or you run a small online business, facing the WordPress 403 Forbidden error can be a huge inconvenience. That’s because it may mean you’re locked out of the WordPress admin dashboard or you can’t access an important page.
Fortunately, there are quite a few ways you can troubleshoot this problem. For starters, you can clear your browser cache, deactivate your plugins one by one, turn off your CDN, and disconnect from your VPN. If the issue persists, you can try restoring your .htaccess file or updating file permissions. As a last resort, you can get in touch with your hosting provider for assistance.
To get yourself ready to combat other WordPress issues in the future, you also might be interested in our guide on 20+ common WordPress errors, plus how to fix them.
Do you have any questions about fixing the WordPress 403 Forbidden error? Let us know in the comments section below!
…
Don’t forget to join our crash course on speeding up your WordPress site. Learn more below:
