Resolve 403 (Forbidden) error

If you experience a  403 Forbidden Error Message on your site, that usually means access to some of your files gets blocked.

In most cases, this is due to an .htaccess file located in one of these folders:

  • /wp-content/
  • /wp-content/cache/

Renaming/deleting .htaccess

This can happen when some security plugins place an .htaccess file in one of these folders on your server which can prevent WP Rocket from working correctly. 

If you have a security plugin, modify the settings until the error resolves

You can also manually check these folders for any .htaccess files. If you find one, try re-naming it and see if the error resolves. If you decide to delete it, don't forget to create a backup before doing that.

Editing .htaccess

Usually the problem occurs because of one part of the .htaccess file's content. In that case you can try to edit the file until the issue is gone.

Note: Do this only if you are sure what you are doing!

Here is one example:

If the following code causes issues:

Order Allow,Deny
Deny from all
<Files ~ "\.(css|jpe?g|png|jpg|xsl|gif|ico|js|swf|pdf)$">
Allow from all
</Files>

It can be solved by commenting the first two lines of code:

# Order Allow,Deny
# Deny from all
<Files ~ "\.(css|jpe?g|png|jpg|xsl|gif|ico|js|swf|pdf)$">
Allow from all
</Files>

So it looks like this. This is just an example, and the cause of the problem can be different from case to case.

Server configuration

If above steps doesn't help, you should check your server configuration.

Note: Probably the best way to do this is to contact your hosting provider, they should be able to check and resolve the problem, especially if you are not familiar with system administration.

We have few cases in the past that helped resolving this issue.

cPanel: Make sure compression option is not turned on in cPanel. 

Plesk: For Plesk users,  recommended security setting for wp-content can produce the problem. If that happens to you, make sure to deactivate this option.

403 on AJAX Requests

If you are getting a 403 error on AJAX requests, it could be due to the presence of a nonce that is used to validate the request. Setting the Clear Cache Lifespan to 10 hours or less should resolve this. Please see this guide for more info about nonces and caching

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.