Web Development

What is 403 forbidden error

By Bastien, on December 6, 2022, updated on February 5, 2023 - html-errors - 4 min read

Have you just come across a page announcing the message “403 Forbidden” or “403: Access denied” or “403 Forbidden – NGINX”? Let’s explain it all.

error 403 forbidden

What does a 403 error mean?

403 error = server understood your request but refuses to execute it.

The HTTP 403 error code is a code returned by the server to the client (your browser) when the client requests a page, a resource, … When all goes well, the server returns code 200.

When the requested page displays the message “Error 403 Forbidden” or one of its variants, the server signals that it has understood the request but does not wish to respond. That is, it will not return the requested web page, file or resource.

In contrast to the 404 error and or the 410 error which correspond to a problem on the server, the 403 error is not really an error but information: content to such and such a page or resource is denied.

Why is access to content denied?

Access rights do not allow access to the resource.

Protected content

A 403 error can be quite legitimate, for example if I am trying to access a directory / folder containing sensitive files that are blocked from access on the server. This is what happens if you are looking to access the /wp-includes directory on a WordPress site.

In this case, nothing to do. It is normal that this content is not directly accessible on the Internet.

Inappropriate browser configuration

You may have a problem on the client side, that is, on your web browser. Here are some things to look at:

  • check your web browser’s cache
  • pause your adblocker or allow the requested site on that tool
  • pause your antivirus: if the site is blacklisted in the antivirus, it will be blocked and you may get a 403 error when visiting it

Mis-settings on the server

The 403 error corresponds to an access rights issue, which may or may not be legitimate.

In the case where the requested resource should not be blocked, we need to go and modify the access rights on the server:

  • the read/write/modify right, which corresponds to 3 digits, each digit corresponding to a set of rights for a set of users.
    For example, WordPress, the most used CMS in the world, and therefore the one that suffers the most malicious attacks, says that the access rights to be set are 644 for files and 755 for directories.
  • the setting of the .htaccess file if you’re on an Apache server (NGINX servers don’t have an .htaccess file). You need to have rights at level 755 on this file to avoid errors.
  • If you are on WordPress, it may be from one of the many plugins you use. If the error persists after all previous fixes, try disabling your plugins.

Depending on your hosting, you will have several ways to make the modifications on your website (FTP, SSH, …).

Requirement to be logged in to access content

In this case, the server does not return a 403 error but a 401 error. It knows that it is possible to access the requested resource, but you must be authenticated on the site to do so.

Netflix nsez 403

If you stumble upon a message on Netflix with the “Error NSEZ-403 Something went wrong. Sorry, we’re having trouble with your request. You will find lots to explore on the home page.” message, it generally means you could have a connectivity problem. You can try the following solutions.

For Mac or windows computer

Try to sign in your Netflix account on a different device (your smartphone for example) but using the same network as your computer. For example, if you use the wifi from your home with your computer, use the same wifi to connect with your smartphone.

  • If you don’t success to sign into your Netflix account and you see an error message, try again later.
  • If you don’t see any error message when sign in, you have to contact the Netflix support as there is a problem somewhere.

Other devices (smartphone, tablets, …)

Go to the Netflix website with a computer.

  1. Visit the url using the same network as the one used with your first devices.
  2. Try to sign in on the computer
    1. You see the NSEZ-403 error. You can’t connect into our account. You can try again later.
    2. You don’t see the error, contact the support.

NGINX 403 forbidden

If your server on Nginx, you will certainly have the following message: “403 Forbidden – nginx”. On Nginx, no .htaccess file.

NGINX 403 Forbidden is an HTTP error response code indicating that a client is not allowed to access the requested URL. This is most commonly caused by a server-side issue, such as incorrect permissions or an incorrect index file.

Incorrect Index File

The most common cause of an NGINX 403 Forbidden error on a website is an incorrect index file. When a user visits a URL of the website, the server looks for a file named “index.html” in the requested directory or folder. If no such file is found, the server will return a 403 Forbidden error.

To fix this issue, ensure that an appropriate index file exists in the requested directory / folder.

Incorrectly Set Permissions

Another common cause of an NGINX 403 Forbidden error is incorrectly set permissions. All files and directories within the web server’s directory should have the correct permissions set. The user running the web server must have read and execute permissions. If these permissions are not set correctly, the server will return a 403 Forbidden error. To fix this issue, ensure that the permissions are set correctly for the user running the web server.

Client-Side Cause of Error 403

Finally, it is possible that the client-side browser is causing the 403 Forbidden error. A few possible causes of this issue include: a security plugin, an outdated browser, or an issue with the client-side cache. To fix this issue, try disabling any security plugins, clearing the browser’s cache, or updating the browser to the latest version.

As you are here, take a look at this video. It's our future. It concerns us all.