Notice that another issue that might be causing this is that, the «FollowSymLinks» option of a parent directory might have been mistakenly overwritten by the options of your project’s directory. This was the case for me and made me pull my hair until I found out the cause!
Here’s an example of such a mistake:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options Indexes # <--- NOT OK! It's overwriting the above option of the "/" directory.
AllowOverride all
Require all granted
</Directory>
So now if you check the Apache’s log message(tail -n 50 -f /var/www/html/{the_error_log_file_of_your_site}) you’ll see such an error:
Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive
is also forbidden due to its similar ability to circumvent directory restrictions
That’s because Indexes in the above rules for /var/www directory is overwriting the FolowSymLinks of the / directory. So now that you know the cause, in order to fix it, you can do many things depending on your need. For instance:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options FollowSymLinks Indexes # <--- OK.
AllowOverride all
Require all granted
</Directory>
Or even this:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options -Indexes # <--- OK as well! It will NOT cause an overwrite.
AllowOverride all
Require all granted
</Directory>
The example above will not cause the overwrite issue, because in Apache, if an option is «+» it will overwrite the «+»s only, and if it’s a «-«, it will overwrite the «-«s… (Don’t ask me for a reference on that though, it’s just my interpretation of an Apache’s error message(checked through journalctl -xe) which says: Either all Options must start with + or -, or no Option may. when an option has a sign, but another one doesn’t(E.g., FollowSymLinks -Indexes). So it’s my personal conclusion -thus should be taken with a grain of salt- that if I’ve used -Indexes as the option, that will be considered as a whole distinct set of options by the Apache from the other option in the «/» which doesn’t have any signs on it, and so no annoying rewrites will occur in the end, which I could successfully confirm by the above rules in a project directory of my own).
Hope that this will help you pull much less of your hair! 
Introduction
Apache is a popular open-source app for running web servers, owing to its reliability and stability. Despite its ease of use, it’s not uncommon to encounter a ‘403 Forbidden’ error after setting up a website using Apache.
In this tutorial, we will go over potential causes of the Apache ‘403 Forbidden’ error and different ways you can fix it.
Prerequisites
- A user account with root or sudo privileges
- Access to the command line terminal
- An installed version of Apache web server
Apache 403 Forbidden: Effects and Possible Causes
The Apache ‘403 Forbidden’ error appears when you try to load a web page with restricted access. Depending on your browser and the website in question, there are different versions of the 403 error message:
- Forbidden
- Error 403
- HTTP Error 403.14 – Forbidden
- 403 Forbidden
- HTTP 403
- Forbidden: You don’t have permission to access the site using this server
- Error 403 – Forbidden
- HTTP Error 403 – Forbidden
There are several potential reasons why the Apache 403 error occurs:
- The first option is a permission error in the webroot directory, where users don’t have access to website files.
- The second possible reason for a 403 error is missing or incorrect settings in the Apache configuration files.
- Finally, failing to set up a default directory index also triggers a 403 error message in Apache.
How to Fix ‘403 Forbidden’ in Apache
If you have come across an Apache ‘403 Forbidden’ message, there are several ways to fix it:
Method 1: Setting File Permissions and Ownership
If you suspect the cause of the 403 error to be incorrect file permissions, use:
sudo chmod -R 775 /path/to/webroot/directoryThe chmod command sets the execute permission for the webroot directory and read permission for the index.html file.
To change directory ownership, use:
sudo chown -R user:group /path/to/webroot/directoryWhere:
useris the user account with root privileges on your web server.groupiswww-dataorapache.
Restart the Apache web server for the changes to take effect.
If you are working with Ubuntu, use the following command to restart Apache:
sudo systemctl restart apache2If you are working with Centos, use:
sudo systemctl restart httpdMethod 2: Setting Apache Directives
It is possible that the proper require directive is not configured and restricts access to resources. To fix it:
1. Access Apache’s main configuration file. For Ubuntu, use:
sudo nano /etc/apache2/apache2.confFor Centos, use:
sudo nano /etc/httpd/httpd.conf2. Once you open the configuration file, scroll down to the following section:
3. If the final line in the <Directory /var/www/> section contains Require all denied, change it to Require all granted.
4. Press Ctrl+X and then Y to save changes to the Apache configuration file.
5. Restart the Apache web server for the changes to take effect. For Ubuntu, use:
sudo systemctl restart apache2For Centos, use:
sudo systemctl restart httpdMethod 3: Adding a Default Directory Index
When a user visits a URL that requests a directory, the web server looks for a file in the given directory. If the file or any similar files are not found, and directory index listings are disabled, the web server displays the ‘403 Forbidden’ error message.
To fix the issue, add a default directory index.
1. Access Apache’s main configuration file by using:
sudo nano /etc/apache2/apache2.conf2. Scroll down to find out the default index file name:
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml3. Make sure there is a file in the webroot folder with this name and upload it if it’s missing.
Conclusion
After following this tutorial, you should be able to determine the cause of an Apache ‘403 Forbidden’ error and fix any issues you may find.
If you want to find out more about 403 forbidden error, read our article 403 forbidden error — what is it and how to fix it.
Notice that another issue that might be causing this is that, the «FollowSymLinks» option of a parent directory might have been mistakenly overwritten by the options of your project’s directory. This was the case for me and made me pull my hair until I found out the cause!
Here’s an example of such a mistake:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options Indexes # <--- NOT OK! It's overwriting the above option of the "/" directory.
AllowOverride all
Require all granted
</Directory>
So now if you check the Apache’s log message(tail -n 50 -f /var/www/html/{the_error_log_file_of_your_site}) you’ll see such an error:
Options FollowSymLinks and SymLinksIfOwnerMatch are both off, so the RewriteRule directive
is also forbidden due to its similar ability to circumvent directory restrictions
That’s because Indexes in the above rules for /var/www directory is overwriting the FolowSymLinks of the / directory. So now that you know the cause, in order to fix it, you can do many things depending on your need. For instance:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options FollowSymLinks Indexes # <--- OK.
AllowOverride all
Require all granted
</Directory>
Or even this:
<Directory />
Options FollowSymLinks
AllowOverride all
Require all denied
</Directory>
<Directory /var/www/>
Options -Indexes # <--- OK as well! It will NOT cause an overwrite.
AllowOverride all
Require all granted
</Directory>
The example above will not cause the overwrite issue, because in Apache, if an option is «+» it will overwrite the «+»s only, and if it’s a «-«, it will overwrite the «-«s… (Don’t ask me for a reference on that though, it’s just my interpretation of an Apache’s error message(checked through journalctl -xe) which says: Either all Options must start with + or -, or no Option may. when an option has a sign, but another one doesn’t(E.g., FollowSymLinks -Indexes). So it’s my personal conclusion -thus should be taken with a grain of salt- that if I’ve used -Indexes as the option, that will be considered as a whole distinct set of options by the Apache from the other option in the «/» which doesn’t have any signs on it, and so no annoying rewrites will occur in the end, which I could successfully confirm by the above rules in a project directory of my own).
Hope that this will help you pull much less of your hair!
Apache web server is one of the most popular and widely used open-source web servers thanks to its stability and reliability. The web server commands a huge market, especially in web hosting platforms.
Be that as it may, you may get a “Forbidden – You don’t have permission to access / on this server” error on your browser after setting up your website. It’s quite a common error and a good chunk of users have experienced it while testing their site. So what is this error?
Demystifying the Forbidden Error
Also referred to as the 403 Forbidden error, Apache’s ‘Forbidden Error’ is an error that is displayed on a web page when you are attempting to access a website that’s restricted or forbidden. It’s usually splashed on the browser as shown.
Additionally, the error can manifest in several ways on the browser as indicated below:
- HTTP Error 403 – Forbidden
- Forbidden: You don’t have permission to access [directory] on this server
- 403 Forbidden
- Access Denied You don’t have permission to access
- 403 forbidden requests forbidden by administrative rules
So what causes such errors?
The ‘403 Forbidden Error‘ occurs due to the following main reasons:
1. Incorrect File / Directory Permissions
This error can be triggered due to incorrect file/folder permissions on the webroot directory. If the default file permissions are not adjusted to grant users access to the website files, then the chances of this error popping on a web browser are high.
2. Misconfiguration of the Apache Configuration Files
This error can also be attributed to a misconfiguration of one of the Apache configuration files. It could be an incorrect parameter that has been included or missing directives in the configuration file.
Fixing the ‘403 Forbidden Error’
If you have encountered this error, here are a few steps that you can take to remedy this.
1. Adjust File Permissions & Ownership of the Webroot Directory
Incorrect file permissions & directory ownership are known to restrict access to website files. So, firstly, be sure to assign the file permissions recursively to the webroot directory as shown.
The webroot directory should always have EXECUTE permissions and the index.html file should have READ permissions.
$ cd /path/to/webroot/directory
$ sudo find . -type d -exec chmod 755 {} \;
$ sudo find . -type f -exec chmod 644 {} \;
The above find command is used to find all directories (folders) and files within the current directory (.) and set their permissions to 755 (directories) and 644 (files).
Additionally, adjust the ownership of files and directories to a specific user (tecmint) and group www-data or apache using the chown command as shown.
$ sudo chown -R tecmint:apache .
Finally, reload or restart the Apache webserver for the changes to take effect.
$ sudo systemctl restart apache2 OR $ sudo systemctl restart httpd
If this does not resolve the issue, proceed to the next step:
2. Adjust Directives in Apache Main Configuration File
If you are on Debian-based Linux, in Apache’s main configuration file /etc/apache2/apache2.conf, ensure that you have this block of code:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Save and exit and thereafter, restart the Apache.
If you are running Apache on RHEL-based distributions / CentOS systems, ensure that you relax access to the /var/www directory in the /etc/httpd/conf/httpd.conf main Apache configuration file.
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
Then save all the changes and reload Apache.
$ sudo systemctl reload apache2 OR $ sudo systemctl reload httpd
If after trying all these steps you are still getting the error, then please check the configuration of your virtual host files.
We have detailed articles on how you can configure the Apache Virtual host file on:
- How to Install Apache with Virtual Hosts on Debian
- How to Configure Apache Virtual Hosts on Rocky Linux
- How to Install Apache with Virtual Host on CentOS
I hope that the steps provided have helped you clear the 403 error.
apache tutorial — 403 forbidden Error — apache — apache web server — apache server — apache2
2. http 403 — Cause:
This problem 403 error occurs when any of the following conditions is true:
- There is no index file in the document root directory (for example, there is no index.html or index.php file in the public_html directory) which arises status 403.
- http status code 403 — Permissions are set incorrectly for either the .htaccess file or the public_html directory:
- The file permissions for the .htaccess file should be set to 644
- read and write permissions for the user, and
- read permissions for the group and world).
- The permissions for the public_html directory should be set to 755
- read, write, and execute permissions for the user, and
- read and execute permissions for the group and world.
- When the 403 area code error occurs, this often indicates that the permissions for the public_html directory are set incorrectly to 644 which may arise 403 forbidden access is denied.
- Caching -> A previously requested version of a URL returning a 403 forbidden error it may be cached in the browser. Clearing your cache may solve the problem. So that, you aren’t being served with old files.
- http forbidden — Accessing Hidden Files / Wrong URL -> If a user tries to access hidden files stored on your web server such as the .htaccess file, this will also return a 403 forbidden error.
- Hidden files are not meant to publicly accessible which is why the server restricts them and lets the user know they are forbidden to access them.
- Similarly, if a user incorrectly enters a URL, a 403 forbidden Nginx error message (or something similar) may also occur depending on what they have entered, for example, a directory instead of a file path.
- nginx 403 — Fixing an Nginx 403 Forbidden Error
- In addition to the 403 error causes mentioned above, there are also a few things you can do to troubleshoot for Nginx 403 forbidden error.
- No index file defined – When there is no index file present in the directory defined with the index directive, this can result in an nginx 403 forbidden.
For example, consider the following index directive:
index index.html index.htm index.php;click below button to copy the code. By Apache tutorial team
- Nginx will search from left to right for the defined index files. Starting with index.html and ending with index.php, if none of the defined files are found, Nginx will return a 403 error.
- IP based restrictions – Your nginx.conf file should also be verified to ensure you are not unintentionally denying a particular IP. Check the configuration file for directives similar to deny 192.x.x.x; which will block said IP from accessing a particular directory, website, or your complete server (depending on where you define it).
- Autoindex Off – With Nginx, if you don’t have an index file then a request gets passed on to the ngx_http_autoindex_module. If this module is set to off then you will likely receive a Nginx 403 forbidden error. Setting this module to on should resolve the 403 error. For example:
location /directory {
autoindex on;
}click below button to copy the code. By Apache tutorial team
3. 403 forbidden error fix or 403 forbidden access is denied how to solve :
- First, make sure there is an index page in the document root directory.
- Next, make sure the correct file permissions are set for the .htaccess file.
- Type the following command at the command prompt:
- how to fix error code 403 — To set the correct file permissions in the public_html directory. Then type the following command at the command prompt:
4. Differences Between 403 Forbidden and 401 Unauthorized Errors
- A 401 – Unauthorized error occurs when a request to a particular resource that requires authentication either does not provide authentication or the authentication provided fails.
- A 403 error on the other hand, is returned when the authentication process is passed, but the user is not allowed to perform a particular operation or the operation is forbidden to all users.
Related Searches to 403 forbidden Error
how to hack 403 forbidden siteshow to bypass 403 forbidden sql injectionbypass 403 forbidden nginxbypass forbidden you don t have permission to accesshow to bypass 403 forbidden blocked by url filterbypass forbidden download403 forbidden apple iforgotapple support 403 forbiddenapple 403 forbidden shieldwhat does 403 forbidden mean on iphone403 forbidden iphoneapple id forbidden shieldapple website 403 forbiddenfix 403 forbidden error on ipadhow to solve 403 forbidden error in wordpresswordpress 403 forbidden nginxwordpress you don’t have permission to access / on this server.403 forbidden error fix cpanelyou don’t have permission to access /wp-admin/ on this server.wordpress 403 forbidden wp-adminyou don’t have permission to access /wp-login.php on this server.you don’t have permission to access /wp-admin/post.php on this server.403 forbidden nginx ubuntu403 forbidden nginx fixnginx 403 forbidden macdirectory index of /usr/share/nginx/html/ is forbiddennginx 403 forbidden centosnginx 403 forbidden windowsdirectory index of «/var/www/» is forbidden403 forbidden nginx phphow to fix 403 forbidden error on google chrome403 forbidden error fix android403 forbidden access is denied403 forbidden shield