Overview
The 403 Forbidden error is an HTTP status code which means that accessing the page or resource you were trying to reach is absolutely forbidden for some reason.
This article contains basic troubleshooting instructions for 403 Forbidden errors.
Symptom
You get the following error when you try to visit a web page:
Causes and Solutions
There are three common causes for this error. Here they are listed from most likely to least likely.
Empty html directory
Empty httpdocs directory
Make sure that your website content has been uploaded to the correct directory on your server. Remember to replace example.com with your own domain name.
- Grid: /domains/example.com/html/
- This is the path you will use for FTP. However, the full path to your website content is
/home/00000/domains/example.com/html/. The 00000 is your site number. See this article for details.
- This is the path you will use for FTP. However, the full path to your website content is
- DV server:
/var/www/vhosts/dv-example.com/httpdocs/- When you connect with your FTP user, you just need to navigate into the
httpdocsdirectory.
- When you connect with your FTP user, you just need to navigate into the
If this folder does not exist, feel free to create it.
No index page
The home page for your website must be called index.html or index.php.
To resolve this error, upload an index page to your htmlhttpdocs directory.
If you already have a home page called something else - home.html for example - you have a couple of options:
- Rename your home page to
index.htmlorindex.php. - Set up a redirect on the index page to your real home page. See How do I redirect my site using a .htaccess file? for details.
- Set a different default home page in your .htaccess.htaccess file. Javascript Kit has a good example.
If you don't want a single page to display, but instead want to show a list of files in that directory, see Making directories browsable, solving 403 errorsMaking directories browsable, solving 403 errors.
Permissions and ownership errors
A 403 Forbidden error can also be caused by incorrect ownership or permissions on your web content files and folders.
Permissions
Rule of thumb for correct permissions:
- Folders: 755
- Static Content: 644
- Dynamic Content: 700
Please see File Permissions for a complete discussion of permissions and security.
TIP:
Linux permissions can be represented with numbers, letters, or words. They also include an entry for Owner, Group, and Everyone.
- 755 stands for Owner: read, write, execute; Group: read, execute; Everyone: read, execute
- 644 stands for Owner: read, write; Group: read, Everyone: read
- 700 stands for Owner: read, write, execute; Group: (none); Everyone: (none)
Most FTP programs allow you to change permissions on a file or folder; see your FTP program documentation for details. You can also change permissions through SSH with the chmod command. See Common SSH CommandsCommon SSH Commands for details.
Ownership
In Linux file structures, every file and folder is assigned to an Owner and a Group. The correct owner and group for your server are as follows, listed like this:
owner:group
-
Grid - note that example.com is your primary domain:
- /domains/example.com/ - example.com:example.com OR example.com:www-data
- /domains/example.com/html/ - example.com:example.com OR example.com:www-data
- /domains/example.com/html/index.html - example.com:example.com
-
DV server - note that domainuser is the FTP user for that domain, and example.com is the specific domain in question:
- /var/www/vhosts/example.com/ - root:root
- /var/www/vhosts/example.com/httpdocs/ - domainuser:psaserv
- /var/www/vhosts/example.com/httpdocs/index.html - domainuser:psacln
You can change file ownership via SSH, using the chown command. See Common SSH CommandsCommon SSH Commands for details.