File Permissions and 403 Errors

Encountering a 403 Forbidden page in WordPress can be frustrating. No messages are sent to the error logs, so finding the source of the issue can be difficult. 403 Forbidden errors most often occur when visiting a file or page which is intentionally restricted, or when your website’s file permissions are incorrect.


403 Forbidden Error

The 403 error can happen for a variety of reasons, but the short version is that you’re trying to view a file or location that a directive is blocking. To resolve a 403 is simply a matter of determining where the permissions mix-up is taking place.

Some files are intentionally restricted, like configuration files (EX: .htaccess and wp-config.php). In other cases your file permissions may have been set to a level which denies access. The 403 responses is an HTTP Status Code which could occur on any website, and is not specific to WordPress.

The error most often looks like the following:

403 Forbidden
nginx



File Permissions

There are many reasons your file permissions may be reset and cause errors in your wp-admin dashboard. Typically this is most seen when making edits over SFTP or git. If you see the following errors, you know that your file permissions need to be reset:

  • failed to open stream: Permission denied in /nas/content/live/…
  • Could not copy file.: /nas/content/live/account_name/readme.html – Installation Failed
  • Failed to load resource: the server responded with a status of 403 (Forbidden)

Essentially if you see any of these errors or anything that looks like these errors (“forbidden”, ”denied” or “failed”) it’s probably safe to assume that your file permissions need to be reset. A good all-around first step to resolving a 403 error is to simply reset default file permissions.

Default File Permissions

Default file permissions are restricted for security purposes. If you edit these on your site, the change will not be retained.

Directories: 0775
Files: 0664

There is no way to force higher permissions beyond these default settings. For example, if a plugin requests a directory be set to 777, it will not be possible on WP Engine.


Reset File Permissions

File permissions can be restored to their defaults from two locations: within your User Portal, and within your WordPress Admin Dashboard. When resetting file permissions using either method, it will reset the permissions for both your live and legacy staging environments.

Allow 1-2 minutes for the file permissions reset to be performed. For smaller sites this takes a matter of seconds, but for sites with a large number of files the process will naturally be longer. Clustered environments will take the longest due to the file replication across several nodes.

User Portal

  1. Login to the User Portal
  2. Click the environment name to reset permission on
  3. Click Utilities
  4. Click Reset, under Reset File Permissions

WordPress Admin Dashboard

  1. Login to your site’s wp-admin
  2. Click the WP Engine plugin
  3. Click Reset File Permissions
filePermission



Additional Troubleshooting

  1. Try another page on the site, do you still get 403 errors anywhere you test?
    • If you do get 403 errors site-wide, your IP may have been blocked by WP Engine’s firewall. Reach out to WP Engine Support with your IP to have it whitelisted.
  2. Try loading a different file of the same file type. Try loading files located in other directories.
    • For example, if you can’t load any jpg files there may be a rule in place preventing those files from being accessed.
    • If you can’t view anything within wp-content/images/ but you can from wp-content/uploads/ you will want to check for rules that may be impacting the entire directory.
    • Review any security plugins, .htaccess, or firewall layers for any rules impacting this type of file or the file directory.
    • Keep in mind, multiple directories can contain an .htaccess file with security rules, not just the root directory.
  3. Does the directory contain an index.php file?
    • Access the directory the file is located in using SFTP or SSH Gateway.
    • If there is no index.php file, one will need to be added. Refer to your theme or plugin developer for a copy if you’re not sure.
  4. If you are still encountering 403 Forbidden responses on your website and are unable to find the cause, please feel free to contact WP Engine Support for more help. WP Engine Support is available via 24/7 Live Chat via your User Portal. Be sure to provide the URL where you are experiencing the error, the error message, and any events or changes that could have led to the error.

NEXT STEP: WP Engine platform default settings

Still need help? Contact support!

We offer support 24 hours a day, 7 days a week, 365 days a year. Log in to your account to get expert one-on-one help.

The best in WordPress hosting.

See why more customers prefer WP Engine over the competition.