Connect with us

403 Forbidden Access to this Resource on the Server is Denied!

403 forbidden access to this resource on the server is denied featured

Blogging

403 Forbidden Access to this Resource on the Server is Denied!

Are you getting the error, “403 Forbidden, Access to this resource on the server is denied, while updating a plugin settings in WordPress, or for some other reason? You’re in the right place.

In this tutorial, I will guide you on Why “403 Forbidden, Access to this resource on the server is denied error occurs, and How to solve this error.

This is the screenshot of the 403 Forbidden error that occurred when I clicked Save Changes after customizing Page Optimization settings of LiteSpeed Cache plugin.

403 Forbidden, Access to this resource on the server is denied in WordPress

Why 403 Forbidden Error Occurs?

The “403 Forbidden, Access to this resource on the server is denied error occurs because of your IP address that triggers the ModSecurity security service of your web hosting server (shared server).

ModSecurity is an Apache module which works as a web application firewall. It blocks known exploits and provides protection from a range of attacks against web applications. The ModSecurity comes with a Core Set Rules which has various rules for Cross Website Scripting, Bad User Agents, SQL Injection, Trojans, Session Hijacking, and other exploits.

Though ModSecurity protects your website and server by filtering the website data, but sometimes, it may incorrectly determine that a certain request is malicious, while it is actually legitimate. As a result, you get errors like 403 Forbidden, for no reason.

How to Solve 403 Forbidden Error?

There are two ways to get rid of 403 Forbidden error (1) Disable the ModSecurity for Your Domain (2) Whitelist the Triggered Rule.

01. Disable the ModSecurity for Your Domain

You can remove this error by completely disabling the ModSecurity for your domain, but it is not recommended. It may open your website and server to internet vulnerabilities and exploits.

But yes, you can disable ModSecurity for a while just to make sure that it is causing the 403 Forbidden error.

How to Disable ModSecurity on cPanel?

  • Login to your cPanel account.
  • Scroll-down to Security section, and click the ModSecurity.
Scroll-down to Security section, and click the ModSecurity.
  • Turn-off the ModSecurity for your domain.
Turn-off the ModSecurity for your domain.

02. Whitelist the Triggered Rule (Recommended)

Instead of disabling ModSecurity completely, it is possible to whitelist the single rules that were triggered, to bypass the block.

How to Whitelist the Triggered Rules?

Though there are different ways to whitelist the triggered rules, like Using Configuration File, Modsec Manager, Using WHM, Using .Htaccess file, but you may need permissions and some technical knowledge related to servers & scripts to perform them.

The recommended way to whitelist the triggered rule is by contacting your web hosting support. Contact them via Live Chat and tell them about the error. They will probe the error and whitelist only those rules which are causing the error.

This is the response that I received from my web hosting support:

It appears that your IP address has triggered our ModSecurity security service. I have whitelisted the triggered rule. Please try performing the same actions now.

You can see below that the LiteSpeed Cache’s Page Optimization settings are saved successfully after the triggered rules were whitelisted.

403 Forbidden error removed and LiteSpeed Cache page optimization settings were saved.

I hope that this solution would have helped you to solve the 403 Forbidden error. If you like this post then don’t forget to share with other people. Share your feedback in the comments section below.

Download Website themes

Also Read

Meer Basit is the founder of Meer’s World. He’s been running the show since launching the blog back in 2018. By background he is a computer scientist. Primarily, he creates content around blogging (WordPress, Blogger, Tumblr), SEO, affiliate programs, earn-online, reviews, eCommerce, & technology. He has got years of professional experience in web programming, computer programming, databases, data warehousing, & transcription. In general, he likes traveling, gardening, watching movies, is a passionate cricketer, creative writer, and a GSD lover.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in Blogging

To Top