The 403 Forbidden Error is an HTTP response status code that indicates an identified client does not have proper authorization to lớn access the requested content. As with most HTTP response codes, a 403 Forbidden Error can be challenging lớn diagnose & resolve properly.

Bạn đang xem: 403 forbidden

With a pool of over 50 potential status codes representing the complex relationship between the client, a web application, a website server, và often multiple third-party website services, determining the cause of a particular status code can be a challenge under the best of circumstances.

This article will examine the 403 Forbidden Error in more detail. We"ll look at what causes this message, along with a handful of tips for diagnosing và debugging your own application. We"ll even examine a number of the most popular nội dung management systems (CMSs) for potential problem areas that could cause your own website lớn be generating a 403 Forbidden Error. Let"s dive in!

Server- or Client-Side?

All HTTP response status codes in the 4xx category are considered client error responses. These messages contrast with errors in the 5xx category, such as the 502 Bad Gateway Error. 500 errors are considered vps error responses.

That said, the appearance of a 4xx error doesn"t necessarily mean the issue has something to bởi vì with the client (the website browser or device used lớn access the application). Oftentimes, if you"re trying to diagnose an issue with your own application, you can ignore most client-side code and components. This includes HTML, cascading style sheets (CSS), client-side JavaScript, etc. This doesn"t apply just to websites, either. Behind the scenes, normal web applications power smartphone apps that use a modern-looking user interface.

Although the 403 Forbidden Error is considered a client error response, you shouldn"t rule out the hệ thống as the culprit. The vps network object is producing the 403 Error và returning it as the HTTP response code to lớn the client. On the other hand, this doesn"t rule out the client as the actual cause of a 403 Forbidden Error, either. The client might be trying to access an invalid URL, the browser could be failing khổng lồ send the proper credentials lớn the site, and so forth. We"ll explore some of these scenarios (and potential solutions) below.

Start With a Thorough Application Backup

Before making changes to your application, make sure to back up your system. This might include a full backup of your application, database, and so forth.

If you have the capability, create a complete copy of the application onto a secondary staging hệ thống that isn"t "live" or available khổng lồ the public. This will allow you to chạy thử all potential fixes without threatening the security of your live application.

Diagnosing a 403 Forbidden Error

As previously mentioned, many 403 Forbidden Errors involve the hệ thống denying authorization lớn a client (a website browser, in most cases) that has requested content.

This typically occurs in one of two scenarios:

The client sent its authentication credentials to lớn the server & the vps authenticated that the client was valid. Yet, the server rejected the authorized client from accessing the requested content for some reason.The requested content is strictly forbidden for all clients, regardless of authorization. This occurs when attempting lớn access an invalid or forbidden URL that the web server software has restricted. For example, Apache servers return a 403 Forbidden Error when a client tries lớn access a URL corresponding to lớn a file system directory.

Troubleshooting on the Client-Side

Since the 403 Forbidden Error is a client error response code, start troubleshooting any potential client-side issues first.

Here are some troubleshooting tips you can try on the browser or device that is giving you problems.

Check the Requested URL

The most common cause of a 403 Forbidden Error is simply inputting an incorrect URL. As discussed before, many tightly secured website servers disallow access to lớn improper URLs. This could be anything from accessing a file directory lớn accessing a private page meant for other users. Thus, it"s a good idea lớn double-check the exact URL that is returning the 403 error.

Clear Relevant Cookies

As you may already be aware, HTTP copies store tiny pieces of data on your local device. The website then uses these cookies khổng lồ to "remember" information abbot a particular browser and/or device.

As you may already be aware, HTTP cookies store tiny pieces of data on your local device. The trang web then uses these cookies to "remember" information about a particular browser and/or device. Most modern website apps take advantage of these cookies to lớn store user authentication status.

Invalid or corrupted Cookies can cause improper authentication for the server, leading lớn the 403 Error. This is due to lớn the fact that the client is no longer authenticated to perform this particular request.

In most cases, you should only worry about cookies relevant khổng lồ the website or application causing issues. The application stores cookies based on where the domain is located. This means you can only remove cookies that match the website domain name (e.g. thietkewebhcm.com.vn.io) to lớn keep most other cookies intact. However, if you aren"t experienced with manually removing certain cookies, remove all cookies at once. Not only is this easier, but it"s also a safer option.

Below, we"ve provided a các mục on how lớn clear cookies depending on the browser you"re using:

Clear the Cache

Just lượt thích cookies, it"s also possible that the local browser cache could be causing the 403 Forbidden Error lớn appear.

A cache stores local copies of web content on your device for later use. A browser"s cache can include almost any type of data but typically stores compressed snapshots of webpages, images, & other binary data your browser often accesses. With a local copy of these resources on your device, your browser doesn"t need to lớn spend time or bandwidth downloading this identical data every time you return lớn the same page. For example, when you open Facebook, there"s a good chance that the nội dung you"re seeing has come from the cache on your device.

Since your browser"s cache stores local copies of web content and resources, it"s possible that a change to the live version of your application is conflicting with the cached version already on your device, which can sometimes produce a 403 Forbidden Error as a result. Try clearing your browser"s cache to see if that fixes the issue.

As with cookies, clearing the cache is browser-dependant, so here are a few link to that relevant documentation for the most popular browsers:

Log Out và Log In

If the application you"re using has some size of user authentication, the last client-side step to lớn try is lớn log out and then log back in. If you"ve recently cleared the browser cookies, this should usually log you out, so the next time you try to lớn load the page, just log back in at this point.

Xem thêm: Top Phần Mềm Diệt Virus Miễn Phí Tốt Nhất 2017, 10 Phần Mềm Diệt Virus Miễn Phí Tốt Nhất Năm 2017

In some situations, the application may be running into a problem with your previous session, which is just a string that the server sends lớn the client lớn identify that client during future requests. As with other data, your device should have stored the session token (or session string) locally on your device within the cookies. The client then transfers this data lớn the vps during every request. If the hệ thống fails lớn recognize the session token or the vps sees this particular token as invalid, this may result in a 403 Error.

But, with most website applications, you can recreate the local session token by logging out & logging back in.

Debugging Common Platforms

If you"re running common software packages on the server that is responding with the 403 Forbidden Error, you may want to start by looking into the stability và functionality of those platforms first. The most common nội dung management systems (CMS) -- like WordPress, Joomla!, & Drupal -- are all typically well-tested out of the box, but once you start making modifications lớn the underlying extensions or PHP code (the language in which nearly all modern content management systems are written in), it"s all too easy lớn cause an unforeseen issue that results in a 403 Error.

Here are a few tips lớn help you troubleshoot some of these popular software platforms:

Rollback Recent Upgrades

If you recently updated the CMS itself just before the 403 Forbidden Error appeared, you may want khổng lồ consider rolling back khổng lồ the previous version you had installed when things were working fine. Similarly, any extensions or modules that you may have recently upgraded can also cause server-side issues, so reverting khổng lồ previous versions of those may also help.

For assistance with this task, simply Google "downgrade " & follow along. In some cases, however, certain CMSs don"t provide a version downgrade capability, which indicates that they consider the base application, along with each new version released, lớn be extremely stable và bug-free. This is typically the case for the more popular platforms.

Uninstall New Extensions, Modules, or Plugins

Depending on the particular CMS your application is using, the exact name of these components will be different, but they serve the same purpose across every system: improving the capabilities và features of the platform beyond what it"s normally capable of out of the box. Be warned: such extensions can, more or less, take full control of the system & make virtually any changes, whether it be khổng lồ the PHP code, HTML, CSS, JavaScript, or database. As such, try uninstalling any recently added extensions. Again, Google the extension name for the official documentation and assistance with this process.

Check for Unexpected Database Changes

Uninstalling a CMS extension does not guarantee that changes will fully revert. This is particularly true for WordPress extensions. These extensions have carte blanche status within an application, which allows them full access rights khổng lồ the database. With this access, an extension can modify database records that don"t "belong" to the extension itself. That means it can change records created & managed by other extensions of the CMS itself.

In those scenarios, the extension may not know how to revert alterations khổng lồ database records, so it will ignore such things during uninstallation. Diagnosing such problems can be tricky. Your best course of action, assuming you"re reasonably convinced an extension is the likely culprit for the 403 Forbidden Error, is to open the database & manually look through tables & records that were likely modified by the extension.

Confirm Proper tệp tin Permissions

If the application worked fine before and suddenly this error occurs, permissions are not a very likely culprit. However, if modifications were recently made (such as upgrades or installations), it"s possible that file permissions were changed or are otherwise incorrect, which could cause an issue lớn propagate its way throughout the application và eventually lead lớn a 403 Forbidden Error. The majority of servers use Unix-based operating systems.

In this Wikipedia article, File-System Permissions, you"ll learn more about how khổng lồ set up proper permissions for application files và directories lớn keep your application secure without hindering your applications" access.

Above all, Google is your friend. Search for specific terms related to your issue, such as the name of your application"s CMS, along with the 403 Forbidden Error. Chances are you"ll find someone (or, perhaps, many someones) who have experienced this issue & have found a solution.

Troubleshooting on the Server-Side

If you"re confident that your CMS isn"t the problem, a 403 Error could be a result of a server-side issue.

Troubleshoot the server with these tips.

Check Your Web server Configuration

Most modern website servers provide one or more configuration files to lớn adjust server behavior. These configurations are based on a wide range of circumstances. For example, the vps may be configured to lớn reject requests lớn certain directories or URLs, which could result in a 403 Error.

Configuration options for each different type of web vps can vary dramatically. Here is a các mục of a few popular ones to give you some resources to look through:

Look Through the Logs

Nearly every web application will keep some khung of server-side logs. Application logs contain the history of what the application did, such as which pages were requested, which servers it connected to, which database results it provided, and so forth. Hệ thống logs are related lớn the actual hardware that is running the application. They will often provide details about the health and status of all connected services, or even just the hệ thống itself. Google "logs " if you"re using a CMS, or "logs " & "logs " if you"re running a custom application, for more information on finding the logs in question.

Check the Database for User Authentication

As you know now, a 403 Error may indicate that the client properly authenticated at some point, but doesn"t have access khổng lồ the requested resource. It"s worth checking the vps to see why it denied the requested resource. Perhaps there"s an issue with the database & can"t authenticate the client.

Verify server Connectivity

While it may sound simple, it"s entirely possible that a Forbidden Error simply indicates that a hệ thống somewhere in the chain is down or unreachable for whatever reason. Most modern applications don"t reside on a single server. Instead, applications may be spread over multiple servers or rely on third-party services lớn function. If any one of these servers are down for maintenance or otherwise inaccessible, this could result in an error that appears to be from your own application.

Debug Your Application Code or Scripts

If all else fails, manually debug your application by parsing through application và server logs. Ideally, make a copy of the entire application khổng lồ a local development machine và perform a step-by-step debug process. This will allow you to lớn recreate the exact scenario in which the 403 Forbidden Error occurred and view the application code at the moment something goes wrong.

But, for a faster way lớn debug, install thietkewebhcm.com.vn Error & Performance Monitoring. If there"s broken code that"s throwing a 403 Error, thietkewebhcm.com.vn will find it, & quickly. Create a không tính phí thietkewebhcm.com.vn dev account, today, & for the first 30-days, you"ll have access to unlimited error & performance events.


Note: We published this post in October 2017 và recently updated it in February 2022.