403
Forbidden
The server understood the request but refuses to authorize it. Unlike 401, the client's identity is known — they simply do not have permission to access this resource.
What does HTTP 403 mean?
The server understood the request but refuses to authorize it. Unlike 401, the client's identity is known — they simply do not have permission to access this resource.
Common causes
- 1
The authenticated user does not have the required role or permission to access the resource.
- 2
IP-based access control or a Web Application Firewall (WAF) is blocking the request based on the client's IP address or geographic location.
- 3
File system permissions on the server prevent the web server process from reading the requested file or directory.
How to fix it
- 1
Check the user's roles and permissions. Ensure the account has the required access level for the resource.
- 2
If blocked by a WAF or IP whitelist, add the client's IP address to the allow list or adjust firewall rules.
- 3
On the server, verify file permissions (e.g., chmod 644 for files, 755 for directories) and ensure the web server user owns or can read the files.
Monitor for HTTP 403 errors
If a public page suddenly returns 403, it usually means a misconfigured firewall rule or permissions change. Uptrack detects this within 30 seconds so you can revert before users are locked out.
Catch HTTP errors before your users do
20 monitors free — 10 at 30s, 10 at 1min. No credit card required.
Start Monitoring Free