A 403 Forbidden error is most commonly triggered for one of these reasons listed below.
File permissions and ownership
As we operate a PHP environment, most files’ permissions should be set to 644 and folders set to 755. There are some exceptions to this rule – such as configuration files, which should be set lower. If you would like to reset all file and folder permissions to these values, you may use the VIPControl permissions fixer:
- Log in to VIPControl.
- Click the My Services link on the top → Hosting from the tabs underneath.
- Click the Manage button on the relevant service.
- Click on Permissions Fixer (found in the left menu).
- Read the recommendations and follow the prompts.
Clear your cookies
Sometimes it may be the result of a bad cookie stored within your web browser. This could be a cookie that our Mod Security deems as malicious, and the resolution to this is to clear your browser data.
If the two potential options above are found not to be the cause, it may be a result of a trigger within our Mod Security server protection system.
ModSecurity (also known as ‘mod_security’ or ‘modsec’) is an open source ‘Web Application Firewall’ which is an Apache module. This firewall will detect pattern behaviour that is suspicious or similar to the behaviour exhibited in scripting attacks.
See our guide Troubleshooting with Mod Security for steps on viewing these firewall rules and troubleshooting with them.