VOOZH about

URL: https://www.tecmint.com/forbidden-you-dont-have-permission-to-access-on-this-server-error/

⇱ How to Fix Apache 403 Forbidden Error in Linux

Skip to content

Apache web server is one of the most popular and widely used open-source web servers thanks to its stability and reliability. The web server commands a huge market, especially in web hosting platforms.

Be that as it may, you may get a “Forbidden – You don’t have permission to access / on this server” error on your browser after setting up your website. It’s quite a common error and a good chunk of users have experienced it while testing their site. So what is this error?

TecMint Weekly Newsletter
Get the Learn Linux 7 Days Crash Course free when you join 34,000+ Linux professionals reading every Thursday.
Check your email for a magic link to get started.
Something went wrong. Please try again.

What Is the 403 Forbidden Error?

Also referred to as the 403 Forbidden error, Apache’s ‘Forbidden Error’ is an error that is displayed on a web page when you are attempting to access a website that’s restricted or forbidden.

It is a standardized HTTP status code indicating that the web server understands the request but is unable to authorize access due to permission issues.

It’s usually splashed on the browser as shown.

👁 Apache Forbidden Error
Apache Forbidden Error

Additionally, the error can manifest in several ways on the browser as indicated below:

  • HTTP Error 403 – Forbidden
  • Forbidden: You don’t have permission to access [directory] on this server
  • 403 Forbidden
  • Access Denied You don’t have permission to access
  • 403 forbidden requests forbidden by administrative rules

What Causes the 403 Forbidden Error?

The ‘403 Forbidden Error‘ occurs due to the following main reasons:

1. Incorrect File / Directory Permissions

This error can be triggered due to incorrect file/folder permissions on the webroot directory. If the default file permissions are not adjusted to grant users access to the website files, then the chances of this error popping on a web browser are high.

2. Misconfiguration of the Apache Configuration Files

This error can also be attributed to a misconfiguration of one of the Apache configuration files. It could be an incorrect parameter that has been included or missing directives in the configuration file.

3. Misconfiguration of .htaccess File

Another frequent reason for encountering this HTTP response code is a damaged or improperly configured .htaccess file. When this occurs, the 403 Forbidden error typically surfaces after modifying the .htaccess file.

Typically, users can address this by either generating a new .htaccess file or rectifying its configurations.

Fixing the Apache ‘403 Forbidden Error’

If you have encountered this error, here are a few steps that you can take to remedy this.

1. Adjust File Permissions and Ownership of the Webroot Directory

Incorrect file permissions & directory ownership are known to restrict access to website files. So, firstly, be sure to assign the file permissions recursively to the webroot directory as shown.

The webroot directory should always have EXECUTE permissions and the index.html file should have READ permissions.

$ cd /path/to/webroot/directory 
$ sudo find . -type d -exec chmod 755 {} \;
$ sudo find . -type f -exec chmod 644 {} \;

The above find command is used to find all directories (folders) and files within the current directory (.) and set their permissions to 755 (directories) and 644 (files).

Additionally, adjust the ownership of files and directories to a specific user (tecmint) and group www-data or apache using the chown command as shown.

$ sudo chown -R tecmint:apache .
👁 Set Permissions on Apache Root Directory
Set Permissions on Apache Root Directory

Finally, reload or restart the Apache webserver for the changes to take effect.

$ sudo systemctl restart apache2
OR
$ sudo systemctl restart httpd

If this does not resolve the issue, proceed to the next step:

2. Adjust Directives in Apache Main Configuration File

If you are on Debian-based Linux or RHEL-based distributions, open the main Apache configuration file, typically named httpd.conf or apache2.conf.

sudo nano /etc/httpd/httpd.conf # For Apache on CentOS/Red Hat
sudo nano /etc/apache2/apache2.conf # For Apache on Debian/Ubuntu

Locate the <Directory> section that corresponds to the web document root of your website and make sure that the AllowOverride directive is set to "All". This allows .htaccess files to override configuration settings.

<Directory "/var/www/html">
 Options Indexes FollowSymLinks
 AllowOverride All
 Require all granted
</Directory>

Replace the path /var/www/html to match the actual path of your website’s document root.

Save and exit and thereafter, restart the Apache.

sudo systemctl restart httpd # For Apache on CentOS/Red Hat
sudo systemctl restart apache2 # For Apache on Debian/Ubuntu

. Fix .htaccess File Configuration

If you have an .htaccess file in your web directory, check its configuration. A misconfigured configuration settings or any syntax errors can prevent users from accessing specific web content.

Comment out lines or remove the file temporarily to see if it resolves the problem.

If after trying all these steps you are still getting the error, then please check the configuration of your virtual host files.

We have detailed articles on how you can configure the Apache Virtual host file on:

Resolving the “Forbidden – You don’t have permission to access / on this server” error involves checking and adjusting file permissions, ownership, and server configuration.

I hope that the steps provided have helped you clear the 403 error.

If this article helped, share it with someone on your team.
TecMint Weekly Newsletter
Get the Learn Linux 7 Days Crash Course free when you join 34,000+ Linux professionals reading every Thursday.
Check your email for a magic link to get started.
Something went wrong. Please try again.
TecMint has been free for 14 years. Help keep it that way.
Google AI Overviews and tools like ChatGPT have cut into search traffic for independent tech sites like TecMint. Running this site costs over $2,000 every month for hosting, infrastructure, and paying authors to keep the content accurate and tested.

If this article helped you solve a problem, consider buying a coffee. It helps keep TecMint free, supports the authors, and keeps the project going.
☕ Buy Me a Coffee
James Kiarie
This is James, a certified Linux administrator and a tech enthusiast who loves keeping in touch with emerging trends in the tech world. When I'm not running commands on the terminal, I'm taking listening to some cool music. taking a casual stroll or watching a nice movie.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

14 Comments

Leave a Reply

  1. I tried a suggestion in this thread:

     AllowOverride None
 Require all granted

    but it does not cure the exec problem.

    There has never been a problem creating a file in /var/www, just running an existing one.

    Reply

    • @Colin,

      Is SELinux disabled or have the correct context settings on the /var/www directory? Please check, it seems some permission issue…

      Reply

      • Hello Ravi,

        I’m not sure what you mean by “SELinux“.

        Here is an ‘ls -la‘ of /var/www:

        -rwsr-xr-x 1 root pi 8728 Nov 19 2017 MsgToLogger
drwxr-xr-x 12 root root 4096 Dec 15 14:51 ..
drwxr-xr-x 6 www-data www-data 4096 Dec 22 20:24 .
drwxr-xr-x 2 root root 4096 Dec 22 20:26 html
drwxr-xr-x 4 root root 4096 Dec 28 13:33 greenchurch

        Don’t forget the message in /var/log/apache2/error.log is:

        sh: 1: /var/www/MsgToLogger: not found

        “not found” instead of lack of permission seems like a bug, especially as php7.0 works OK.

        Reply

        • @Colin,

          You are right, it might be a problem with the single-quoted string or the variable in the PHP files…

          I can’t help you out, I am not a PHP expert…

          Reply

  2. I have an allied permissions problem that Stack Exchange can’t solve. Can anyone here help?

    I have a fully working raspi3b + apache2 + php5 system on a 32-bit OS.

    In a php block there is a simple statement:

    $msg = "Save Schedule"; exec( "/var/www/MsgToLogger \"$msg\"", $r );

    The executable MsgToLogger has root ownership and 4755 permissions, and the task is performed fine.

    I changed to a raspi4b + apache2 + php7.4 on a 64bit OS.

    I get “sh: 1: /var/www/MsgToLogger: not found” in apache/error.log

    There is no problem writing a file in /var/www using file_put_contents($msgfname,$msg);.

    I have tried putting MsgToLogger in three other places with no luck.

    Reply

  3. Hello,

    I’m still facing the same problem…

    Reply

    • Hello, what panel are you using? If you using Aapanel same like me, you go first on “WEBSITE” and open the “CONFIG” on the website you have inside that go to “SITE DIRECTORY” go to “RUNNING DIRECTORY” and just leave it, Blank.

      Reply

  4. I did all of the above and the error persisted so what I did was edit one of the first lines:

    ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

    Solution:

    ServerAdmin webmaster@localhost
DocumentRoot /path/to/webroot
    Reply

  5. You don’t have permission to access /payment/merchants/SATIM/errors_fr.html on this server.

    Reply

  6. Hi,

    I was stuck on 403 forbidden errors on my website. I was searching for a possible solution and came across your article I found this one to be the best article and found the solution to my problem
    definitely, a very good article to fix this error. thanks for sharing such detailed information.

    keep it up

    Reply

  7. Hi,

    I was stuck on 403 forbidden error at my website. I was searching for a possible solution and I came across your article. I found this one to the best article and found the solution to my problem.

    Definitely, a very good article to fix this error. Thanks for sharing such detailed information.

    Keep it up.

    Reply 
  8. # setenforce 0

    use this command.

    Reply

    • Should this work if one of my sites works and the other give this error?

      Reply

      • # 2. Adjust directives in Apache main configuration file solved my problem

        Options Indexes FollowSymLinks
 AllowOverride None
 Require all granted

        Thank you, sir.

        Reply

Got Something to Say? Join the Discussion... Cancel reply

Free Course
Get a free Linux course before you go.
Subscribe to TecMint Weekly and get the Learn Linux 7 Days Crash Course free. Read by 34,000+ Linux professionals every Thursday.
Check your email for a magic link to get started.