Understanding 403 Forbidden
The server understood the request but refuses to authorize it.
Fix 1: Check File Permissions
Files should be 644, directories 755:
# Fix recursively
sudo find /var/www/your-site -type f -exec chmod 644 {} ;
sudo find /var/www/your-site -type d -exec chmod 755 {} ;Fix 2: Check Owner
Web server user (www-data, nginx, apache) must have access:
sudo chown -R www-data:www-data /var/www/your-siteFix 3: Check for Index File
Directory listing may be disabled and no index file exists:
# Ensure index.php or index.html exists
ls -la /var/www/your-site/
# Or enable directory listing
# In Nginx: autoindex on;
# In Apache: Options +IndexesFix 4: Check Nginx/Apache Configuration
Look for deny rules:
# Nginx
grep -r "deny " /etc/nginx/
# Apache
grep -r "Deny from" /etc/apache2/Fix 5: Check .htaccess (Apache)
Rename to test:
sudo mv .htaccess .htaccess.bakFix 6: Check IP Blocking
# Fail2ban
sudo fail2ban-client status
# UFW
sudo ufw status
# CSF
sudo csf -g YOUR_IPFix 7: Check SELinux (CentOS/RHEL)
getenforce
# Temporarily disable to test
sudo setenforce 0If disabling fixes it, restore context:
sudo restorecon -Rv /var/www/your-site