403 Errors

This article will help you resolve 403 errors on your site.

Your hosting account is equipped with ModSecurity - a web server module which provides a number of important request filtering and other security rules. The idea of ModSecurity is to significantly lower the risk of common attacks such as SQL injection and exploitation of vulnerabilities in web programming/scripting languages.

These rules, while effective, are written by humans. This means that, with the complexity that is a modern web platform such as WordPress, they can return false positives on valid requests. Example scenarios which may return a false-positive could be something as simple as visiting your site from a certain IP, using a certain browser. They could also be triggered by previewing your posts, working in your theme editor and so forth.

The false positive will manifest itself as a "403" error, effectively saying "you do not have permission to complete this request".

To work around this issue, you can log into your control panel by following the link in your account dashboard. Once logged in to cPanel, click the link which says "ModSecurity".

Accessing ModSecurity options

You can then disable ModSecurity on your domain(s).
Disabling or enabling ModSecurity

Once this is done, try once again to complete the action you were originally trying. If it now works successfully then congratulations - you have now resolved the issue.

It is recommended that you keep ModSecurity enabled on the account. Please create a general support ticket and let us know that you received a 403 error that was resolved by disabling ModSecurity. We will adjust the rules to ensure this rule doesn't trigger for you again and then you can re-enable the module on your account once again.

Was this answer helpful?

Also Read

Managing proactive defense (malicious script execution prevention)

From the beginning of 2019 we have been rolling out a series of new and improved security...

CloudFlare Error 526

If your site is served over SSL and you're using CloudFlare then there will be effectively two...

Briefly unavailable for scheduled maintenance

You may have noticed that sometimes you encounter an "error" message on your site, on a blank...

How to log in to cPanel

There are two ways you can access cPanel.- The first is by accessing port 2083 of your primary...

How to install WordPress

When you've create a hosting account or added on a domain for the first time, often the first...