This article will help you resolve 403 errors on your site.
Your hosting account is equipped with ModSecurity - a web server module which provides a number of important request filtering and other security rules. The idea of ModSecurity is to significantly lower the risk of common attacks such as SQL injection and exploitation of vulnerabilities in web programming/scripting languages.
These rules, while effective, are written by humans. This means that, with the complexity that is a modern web platform such as WordPress, they can return false positives on valid requests. Example scenarios which may return a false-positive could be something as simple as visiting your site from a certain IP, using a certain browser. They could also be triggered by previewing your posts, working in your theme editor and so forth.
The false positive will manifest itself as a "403" error, effectively saying "you do not have permission to complete this request".
To work around this issue, you can log into your control panel by following the link in your account dashboard. Once logged in to cPanel, click the link which says "ModSecurity".
You can then disable ModSecurity on your domain(s).
Once this is done, try once again to complete the action you were originally trying. If it now works successfully then congratulations - you have now resolved the issue.
It is recommended that you keep ModSecurity enabled on the account. Please create a general support ticket and let us know that you received a 403 error that was resolved by disabling ModSecurity. We will adjust the rules to ensure this rule doesn't trigger for you again and then you can re-enable the module on your account once again.