• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
logo

BeginWP

  • Home
  • Plugins
  • Themes
  • Tutorials
  • Problems & Fixes

How to Fix Error 403 Forbidden – Access Denied on Wp-admin / login Page

March 9, 2014 by Saqib

When it comes to error messages, one needs to properly understand to troubleshooting them. Recently when logging-in to my WordPress admin area, I got “403 Forbidden” error which states that “Access to this resource on the server is denied!” Getting this annoying error means you won’t be able to login to WordPress, no matter how many times you try. The good part is that troubleshooting this problem is easy. Let’s take a look at some possible solutions when you face 403 forbidden error, and you can’t login to wp-admin or wp-login page.

error403

Check for file and folder permissions

The first step to solve this error is to check for proper permissions to WordPress files and folders. Normally, your folders (or call it directories) should have 755 permission and files should have 644 permission. Don’t forget to check your wp-config.php and wp-login.php for 644 file permission, and wp-admin folder for 755 permission.

Check your .htaccess file

Web hosts sometimes edit your .htaccess file to add some code to prevent brute force attacks. This is usually a good practice to prevent intrusion, and protect your site from such attacks. However, the side effect of this is that it even restricts the legitimate user (you) from logging-in to WordPress. That’s why, check your .htaccess file which should look like below:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

If yours is different, then edit your .htaccess to look like above and remove the extra code from the file. Once you do this, clear your browser cache or use a different browser and then try to login to WordPress admin. Many users have reported that this method has solved their problem.

For advanced users: If you find that your web host has indeed edited .htaccess to protect it from damage or from using more resources on the server, then you can simply white list your IP and allow access to the wp-admin area.

Disable Security Plugin

If you are using any security plugin and facing this problem, then disable it right now. Reason? Because security plugins have some features like deny brute force, IP whitelist, etc and sometimes they lock down the login area if anything suspicious occurs. To disable such security plugin, login to your cPanel, go to File Manager and rename the plugin’s folder, or use a FTP client to do the same. Now go ahead and try to login to your WordPress again.

So go ahead and fix your access denied to wp-admin / wp-login page by using these methods.

Filed Under: Troubleshooting

Reader Interactions

Comments

  1. Alessio says

    January 9, 2015 at 9:27 am

    A strange thing happen to one of my WP installation, I can login into the admin but my client cannot; he gets a forbidden page. My .htaccess and file permissions are perfect, what other issues could cause this problem? Thanks 🙂

    Reply
    • Saqib says

      January 16, 2015 at 4:23 pm

      Are you using any security plugin? Then try disabling that plugin for sometime and see if your client is able to login. If i am right, then this should solve the issue.

      Reply
  2. wp user says

    February 5, 2015 at 12:27 am

    Your advices solved me the problem which other could not!
    The issue was with a permission on the root folder of the wp installation which had 750. Once I changed permissions to 755, it worked.
    Thanks a million!

    Reply
    • Saqib says

      February 16, 2015 at 7:59 pm

      Glad to know that my solutions worked for you

      Reply
      • sarah says

        April 5, 2017 at 10:06 pm

        i cannot completely log in so I do not know where to start and change the files

        Reply
  3. Doug says

    March 23, 2015 at 5:54 pm

    How do you white list the IP?

    Reply
    • Saqib says

      March 25, 2015 at 5:02 pm

      If you are asking this question related to this topic here, then just disable any security plugins that you have installed.

      Reply
      • Stephen R Smith says

        March 1, 2016 at 6:49 pm

        Given that WordPress sites are being attacked constantly, and are hacked fairly frequently, I think that any solution that involves disabling any security that may be installed is irresponsible.

        How about trying to find a solution that involves whitelisting the plugin with the installed security system so that the software can be used in a secure fashion?

        Reply
  4. Atul says

    August 15, 2015 at 8:56 am

    Removing the extra bits from htcaccess file just worked for me. Thanks a lot.

    Reply
  5. wp_user says

    January 28, 2016 at 1:43 pm

    Altering file/folder permissions worked perfectly – thanks!

    Reply
  6. mdghouse Al-haq saqlain says

    April 6, 2016 at 1:04 am

    Still the same problem, i changed the .htaccess and permissions but

    403
    Forbidden

    Access to this resource on the server is denied!

    unable to solve it

    Reply
  7. Christoph says

    January 23, 2017 at 5:34 pm

    Thanks for the article. Your idea of checking the htaccess was just what I needed. It wasn’t the security plugin or the file permission though. When I read it, I remembered that caching and performance plugins have a habit of messing with the htaccess. So I disabled W3total Cache and was able to update wordpress to the current version.

    Previously I could see a 403 in my server logs whenever i triggered an update for POST and GET requests in /wp-login.php.

    Reply
  8. craig knaak says

    May 9, 2017 at 2:28 am

    How is this easy?

    I have no idea what any of the following means!
    ”
    The first step to solve this error is to check for proper permissions to WordPress files and folders. Normally, your folders (or call it directories) should have 755 permission and files should have 644 permission. Don’t forget to check your wp-config.php and wp-login.php for 644 file permission, and wp-admin folder for 755 permission.
    ”

    How do you check for this?

    Reply
    • Saqib says

      July 6, 2017 at 1:00 pm

      You’ll need to use a FTP client like FileZilla to check for permissions, or use cPanel’s File Manager.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

STAY CONNECTED

  • Email
  • Facebook
  • Twitter

SUBSCRIBE

Get all WordPress tutorials, news, theme and plugin reviews right in your Inbox.

Recent Posts

  • How to Add Captions and Subtitles to Videos in WordPress
  • How to Use the new Block Patterns feature in WordPress
  • How to Enable Auto-update for Any WordPress Plugin & Theme
  • How to Check Site Health in WordPress
advt advt

siteground Bloom plugin
WPRocket

Footer

Pages

  • About
  • Subscribe
  • Privacy Policy
  • Disclosure
  • Contact

About BEGINWP

Freshly baked stuff always tastes good, right? That’s why we at BeginWP focus on cooking the finest WordPress tutorials, along with plugins, themes, tips and tricks.

This site teaches how users can get the most out of this amazing CMS.

We ❤ WordPress.

© 2021 · BeginWP · All Rights Reserved · Rocking by WordPress, of course.