Hacking Book | Free Online Hacking Learning


403) forbidden) - what's wrong and how to correct it

Posted by forbes at 2020-02-20

Often, when a website has a serious failure, we can see an error report in the browser window, indicating its code. If the error code is "404", which is so famous today, it even becomes a way of "403 Forbidden", which means "403 Forbidden", not everyone knows.

What do you mean 403 Forbidden?

Well, let's find out. There are 403 errors in the website. In fact, it's not an error, because only when users try to open a file or web page, they don't visit it.

That is to say, there is a considerable possibility that when you see the precious number "403" on the screen, on the website and on the server, it is completely correct. You're just not allowed to browse the page.

In this case, you must understand that it is prohibited to use a smartphone or tablet that may be used by an ISP or computer owner. The website you are trying to access may be blocked for political reasons, or it may just be under "parental control". In some cases, it is quite common for system administrators of large companies to specifically prohibit access to certain websites, such as social networks.

On the other hand, 403 Forbidden nginx may appear in the CMS configuration error of a website or server. In addition, as we all know, search engines are very disliked when there is an open page on the website, but users cannot access it.

So we have to deal with it.

What's wrong with 403 Forbidden? SIP

In the SIP response code list, you can see several types of errors:

In our case, the most relevant are users disabled and forbidden.

How to correct 403 Forbidden errors?

First of all, let's find a possible solution, such an error:

In the first case, you don't need to lift the access ban on the web page, but try to minimize the harm that search engines may cause to the website.

This is very simple - you are forbidden to index specific pages and files in robots. TXT.

In the second case, a series of activities must be carried out to understand the root causes of the problem. For example, on the 403 Forbidden wrong mobile phone, there is likely to be a simple ban on browsing pages from the mobile phone. Or for some reason, the website is locked to a specific IP address. To understand this, just try to access the site from different devices and networks.

Often, webmasters deny IP access, which is used for a variety of malicious acts, such as DoS attacks, or attempts to crack. In this case, the only solution is to change the IP address or communicate with site management.

Problems with index files

Often, your server returns error 403 because it does not have the correct profile index. He is directly responsible for displaying the home page. If the file has an incorrect extension, the browser will not receive the data at all and issue an error 403 accordingly.

What kind of extension is allowed:

Ideally, the latter is the most universal. If you have a reason that you can't add a file index with the required extension, you can create your index in htaccess. Sometimes they do this to prevent DDoS attacks.

Permission settings

Sometimes, when an administrator is processing data on the server, he or she accidentally forbids access to specific files, or even the entire folder. This causes the server, when trying to access a file or folder, to return code 500 and the user still gets the same error 403.

To correct and avoid this error, you must create a folder in the list, allow access, and you want to disable access. You can configure access to files and folders, use any FTP manager, or use the control command Chmod.

The most common is the right option, which will install 644 file rights, 755 folder rights.

Set up problems in htaccess.

As you know, to access files and folders, you can not only configure permissions on the server, but also configure them in htaccess. This file requires a separate article.

At the very least, we do not recommend amending or removing some access restrictions.

Bad page path

There may be an option when the user tries to open a file just in the wrong folder. This may be because:

In both cases, you must check the actual location of files or folders on the server to make sure they are at the correct address.

Often, download sites to folders on different hosts. Therefore, we should be clear about whether the website file is uploaded to support services.

DNS cache cache error

In this version, the 403 error may be due to a transfer to another host or other host area. Sometimes, this causes the DNS cache to fail to update and users will be sent to addresses that do not exist.

In this case, just wait a few to 24 hours for DNS to get updated and work.


Although in form, 403 mistakes are not a real mistake. This is a very normal reaction, prohibiting or not being able to access files or folders. Another problem is that blocking access to files or folders can be caused by the site administrator's target behavior and incorrect settings.

However, in some cases, they may have quite unpleasant consequences for your site, especially if the page is indexed in a search engine, But it is still forbidden.

To correct these errors, you must first thoroughly check all access settings, namely:

If all of the above tests fail, just wait for the DNS cache to update. It will be a good contact. Your website may be shut down because of a violation of the law or a complaint.

Don't forget that in some cases, the problem may be caused by illegal behavior of a specific IP address, so the site and server configuration are completely correct. In this case, the supplier must be contacted and explained the difficulties encountered. You can also try to contact the website administration.