Fix the 403 Forbidden Error

The 403 Forbidden Error can appear in different ways depending on your browser:

403 Forbidden – You don’t have permission to access ‘/’ on this server.

403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

The 403 error happens for two primary reasons – please use the steps below to fix it.

index.php file is missing from your website folder

A common reason a 403 Forbidden error happens is from a missing index.php in your website folder.

To check and add either of a index.php file to your website folder, use the steps below.

1. Log in to your hosting control panel
2. Click on the File Manager button

3. Double click on the domains folder

4. Double click on your website domain name folder

5. Double click on the public_html folder

6. Look for an index.php file, if it’s missing go to Step 7. If you see an index.php file, go to the next solution below

7. If the index.php file is missing, you have to create one. Click on the Create text file button to the left

8. From the dropdown, select Other… and in the File Name type in: index.php

9. Find your index.php file, right click on it, click Edit from the dropdown, paste in the required code snippet for your specific application and click the Save File button

index.html file is missing from your website folder

Another common reason a 403 Forbidden error happens is from a missing index.html in your website folder.

To check and add either of a index.html file to your website folder, use the steps below.

1. Log in to your hosting control panel
2. Click on the File Manager button

3. Double click on the domains folder

4. Double click on your website’s domain name folder

5. Double click on the public_html folder

6. Look for an index.html_ file, if it’s missing go to Step 7. If you see an index.html_ file, go to the next solution below.

7. If the index.html_ file is missing, you have to create one. Click on the Create text file button to the left

8. From the dropdown, select Other… and in the File Name type in: index.html_

9. Find your index.html_ file, right click on it, click Edit from the dropdown, paste in the required code snippet for your specific application and click the Save File button

Modsec firewall trigger

Sometimes it’s possible that a 403 error gets triggered by a Modsec rule, which means an action performed on your browser triggered a network firewall rule. Use the steps below to determine if a firewall Modsec rule is being triggered.

1. Log in to your hosting control panel
2. Click on the Account Usage button

3. Locate your website’s domain name under the Domain column
4. On your domain’s row, click on Error Log under the Logs column

5. Scroll all the way to the bottom of the report and locate the most recent date and time (timestamps are in EST- Eastern Standard Time) – this is your most recent error log entry
6. On the most recent error log entry, scroll all the way to the right (horizontally) to view the full error, here is an example:

7. The error log will confirm if a firewall Modsec rule is being triggered, and will look similar to the example below with [MODSEC] mod_security indicated:

2023-11-12 09:22:26.457356 [NOTICE] [1812847] [T2] [70.126.138.244:36962-H3:C76CDF23F821D4EE-0#APVH_www.skystrahelp.com:443] [MODSEC] mod_security rule [id "77350123"] at [/etc/modsecurity.d/011_i360_1_infectors.conf:568] triggered!

8. If the error is being triggered by a security rule, labeled as MODSEC – open and submit a request to our team