Many web server configurations have file permissions issues. It often makes the server inaccessible to visitors and manifests itself in the form of a 403 error. Usually the error message will be something like "Forbidden: You do not have permission to access / access this server". This bug can also limit access to other routes on the server, such as /Directory.

Similar problems can also occur due to problems in the Apache configuration file or even due to a damaged .htaccess File. This guide provides step-by-step solutions to all of these problems. Try them one by one, starting with the first solution.

What is causing this Apache 403 error?

This is a fairly common Apache-side 403 error that is caused by a variety of problems. Most of the time, however, this error occurs because you lack the necessary permissions to publicly access a site. Other than that, WordPress sites often have this problem due to a bad one .htaccess File.

In addition, there have been some changes in the way directives work since Apache version 2.4. This can also restrict public access to your website and lead to a 403 Forbidden Error.

1. Correct file permissions to avoid the error

Most of the people face this common 403 error due to the lack of proper permissions. If the site administrator forgets to enable read access to the outside world, end users will not be able to access the requested resource. This is often the cause of this error.

Instead, if you are a site administrator, you must ensure that files that are intended for public access have the appropriate read permissions. Otherwise, if this error occurs on a public site, contact the site administrator to resolve this issue.

Setting the correct permissions on publicly available files can be a little tricky. For this reason, admins should start with absolutely zero permissions and add them as needed. It's a good idea to set folders with Permission Mode. to have 755 and files with 644.

For a simple website you need directories To run Permission, and files should have read Approval. Make sure that you are not giving execute permission on files. Malicious users can use such files to gain unwanted access to public servers. The authorization mode for Read, Write and To run Access is 4, 2 or 1.

An authorization mode of 755 for directories means that only the owner has full access to the directory content. Group users and others can only read and execute. Similarly, the 644 permission mode on files gives the owner read and write access and read-only access to everyone else.

Correct your webroot directory permissions to resolve this error. The following command uses the chmod utility to set directory permissions to 755.

sudo find / var / www / html -type d -exec chmod 755 {} ;

This command assumes that you are using the default Apache document root directory to store your website. If you are using a different directory, replace the directory name accordingly. Use the following command to change all file permissions to 644.

sudo find / var / www / html -type f -exec chmod 644 {} ;

The above command uses the find utility to find individual files and sets the correct permission through chmod. The end {} contains the file paths returned by the find command, and the semicolon (;) marks the end of the iteration. Finally, restart the Apache server for your changes to take effect.

sudo systemctl restart apache2.service

This command restarts the Apache server on Ubuntu. However, many RPM-based distributions such as RHEL or CentOS install Apache as a httpd. For such systems, use the following command instead:

sudo systemctl restart httpd

2. Correct the .htaccess file for your WordPress website

The .htaccess file serves as a distributed configuration file and tells Apache how to handle things like configuration changes per directory. Sometimes this file can become corrupted and lead to a "You do not have permission to access this server" error.

Fortunately, if that is causing the 403 error on your server, the easy way to fix it is by creating a new .htaccess file. To create a new .htaccess file for your website, first log into your WordPress dashboard. Then click on Settings> Permalinks.

You don't need to make any further changes here. Just click on the save Changes Button and WordPress will generate a new .htaccess file for you.

So every time you face the above problem, try to create a new .htaccess file. The .htaccess method usually works fine for WordPress websites.

3. Configure directives in the Apache configuration file

Apache 2.4 uses a new configuration module called mod_authz_host. This module provides several new directives. In short, this implements the following rules:

  • Challenge all granted: Allow all requests
  • All denied request: Reject all requests
  • Request Only approval requests from

If you are using Apache 2.4 make sure that your main configuration file includes the following block of code. You can check out the contents of this file using a simple text editor such as Vim. Include this block in the configuration file if they are missing. Then you can save and exit Vim.

vim /etc/apache2/apache2.conf

Options FollowSymLinks
AllowOverride None
All denied request

AllowOverride None
Challenge all granted

Options indices FollowSymLinks
AllowOverride None
Challenge all granted

If you are running a RHEL-based web server, you must also have access to the / var / www Section in your Apache configuration file. So make sure that /etc/httpd/conf/httpd.conf File contains the following block of code.

vim /etc/httpd/conf/httpd.conf

AllowOverride None
Challenge all granted

Finally, restart the Apache server using one of the following commands.

# for Ubuntu and Debian
sudo systemctl restart apache2.service

# for RHEL and CentOS
sudo systemctl restart httpd

Fix the Apache server permission error

Many people face the above problem when accessing public websites or configuring their own websites. Several fixes for this issue have been addressed in this guide. Resetting the file system permission for Apache should be the first solution. If the error persists even after changing the permissions, try creating a new one .htaccess File and make sure the directives are set correctly in your Apache configuration file.

There are many more problems that can lead to a server-side error similar to this one. You must be familiar with troubleshooting Linux server problems in order to get your server up and running in such situations.

Use these 5 troubleshooting steps to troubleshoot Linux server problems

Get your Linux server up and running in minutes with these smart troubleshooting tips.

Continue reading

About the author

Rubaiat Hossain
(26 published articles)

Rubaiat is a CS graduate with a strong passion for open source. Aside from being a Unix veteran, he's also into network security, cryptography, and functional programming. He is a passionate collector of used books and has an endless admiration for classic rock.

By Rubaiat Hossain

Subscribe to our newsletter

Subscribe to our newsletter for tech tips, reviews, free e-books, and exclusive offers!

One more step …!

Please confirm your email address in the email we just sent you.