In this article, you will learn:
403 Forbidden Error
You can recognize error 403 by the large heading Forbidden at the top of the page. Under the heading, you will find a more detailed description of the error. The page tab shows the text 403 Forbidden.

Solution to Error 403
Error 403 can have various causes. Based on the message under the heading Forbidden, you can identify the specific cause, but if you are not sure, go through the entire procedure.
The steps of this procedure are:
- Fixing file permissions
- Checking files on FTP
- Activating HTTPS
- Checking CMS settings
- Support intervention
When verifying the solution, reload the page using the keyboard shortcut Ctrl + Shift + R, which bypasses the browser cache. If the shortcut does not work, clear the browser cache.
Fixing file permissions
By fixing file permissions, you ensure the browser can access all files and folders on the website. Restricting these permissions is one of the most common causes of Error 403.
Fixing file permissions can take up to several tens of minutes depending on the number of Webhosting files.
Proceed with these steps:
- Log in to the customer administration ⧉.
- In the top menu, select Hosting services Webhosting or WMS.
- Select the service for which you want to fix file permissions.
- In the left menu, select Tools.
In the File permission repair table, click the Fix file permissions button.

If fixing file permissions did not help, continue with checking files on FTP.
Checking files on FTP
Before making any changes on FTP, we strongly recommend backing up the files according to the guide Webhosting – Backup.
If the problem with file access was not caused by permissions, the files necessary for the website to function are probably damaged or deleted.
For the next step, log in to FTP, for example through the WebFTP ⧉ (manual) interface using the main FTP account. If you do not know the login details, follow the instructions in Webhosting – FTP Accounts.
First, check that only the folders session, tmp, and www are located in the root directory.

If any of the folders is missing, create it (you can find a detailed guide in the article Webhosting – Basic FTP Directory Structure). If you see completely different folders, first make sure that you are really in the root folder of the account, which only the main FTP account can access.
In the next step, verify that the www folder contains:
- The .htaccess file (including the dot at the beginning).
- Website files including the index.html file (alternatively index.php), the domains folder (or subdom), or both.

If the .htaccess file is missing, restore it in the Webhosting Tools (same access as for Fixing file permissions, but the box Restore default .htaccess).
If you have CMS files in the www folder (for example WordPress), upload the .htaccess file from a working installation or backup. The default .htaccess will probably not work.
If the index.html or index.php file is missing, restore it from a backup or from a working CMS installation. If your website is in a subfolder of the domains directory (or subdom for subdomains), you do not need an index file in the www folder.
If the website files and the domains folder (or subdom) are missing, the website has been completely deleted. If you do not have your own backup, you can try requesting ours according to the guide Webhosting – Backup.
Finally, check the contents of the domains folder, or subdom.
- The domains folder should correctly contain additional folders with the full domain or subdomain names on which the websites run. Only inside these folders should the web pages be located, again as index.html or index.php files.
- The subdom folder works similarly to domains, but it contains folders named after subdomains without the domain suffix. Inside these folders are the index.html or index.php files.

If all files are in order and Error 403 persists, check the contents of all .htaccess files to see whether they contain code for blocking content according to this pattern:
order deny,allow deny from all // deny access to everyone allow from X.Y.Z.Ž // allow access to listed IP addresses
This code will show Error 403 to anyone who tries to view the contents of the folder it is in from an IP address other than the one in the allow list.
Activating HTTPS
In some cases, Error 403 can be caused by a problem with HTTPS settings. According to the guide Webhosting – Manual HTTPS setup, check that your domain is added to a certificate that has been active for at least 30 minutes.
Checking CMS settings
Content management systems (typically the WooCommerce plugin for WordPress) may restrict access to certain file types. If you see Error 403 for files of a certain type or in a certain folder that otherwise appears to be fine, check the CMS or plugin settings.
Support intervention
If none of the above steps removed Error 403, you can ask customer support to review the problem.
Support will not perform the intervention for you; it can only point out a possible source of the problem. Detailed information about the scope of support work can be found on the Customer support ⧉ page.
Proceed with these steps:
- Activate temporary FTP access for support according to this guide.
- Contact support via the form ⧉. Include the website name, a thorough description of the problem (e.g. if the error occurs only in specific cases), and information that temporary FTP access has been activated.
- Wait. If the intervention takes longer than the temporary FTP access period, keep it open.
Frequently asked questions
What if nothing in the guide helped me?
Request support intervention ⧉ and wait for a response. These interventions are beyond standard support, so processing the request may take much longer than the usual response time.
Can I do anything to make sure the correct permissions are also set for newly uploaded files?
Not on our side. Check the manual for your FTP client or other mechanism you use to upload files. Alternatively, you can fix permissions with your own PHP script run periodically via CRON.
I set up WordPress security according to this guide ⧉ and now I can't get into the administration because of Error 403. What should I do?
Check that you are accessing it from the IP address allowed according to the article's Chapter 2 ⧉. If you cannot rely on the connection from that IP address, do not use this security method.
Does Error 403 occur elsewhere than at WEDOS?
Yes, it is a common error caused by the unavailability of key files on the server. The server (webhosting) is working without problems; the fix lies in setting the correct file permissions and verifying access to the website's key files.