403 Forbidden

Learning Focus

By the end of this lesson you will know how to systematically diagnose 403 Forbidden responses, identify the most common causes, and fix them without guessing.

What a 403 Means

A 403 Forbidden response means the server understood the request but refuses to serve it. This is different from a 404 (not found) — the server sees the resource but something is blocking access.

Most Common Causes

Diagnostic Steps

Step 1: Check the Error Log

The error log almost always tells you what triggered the 403:

# View recent error log entries
tail -50 /usr/local/lsws/logs/error.log

# Filter for 403-related messages
grep -i "denied\|forbidden\|permission" /usr/local/lsws/logs/error.log | tail -20

Step 2: Check File Permissions

# Check document root ownership
ls -la /var/www/example.com/

# Check the specific file or directory
ls -la /var/www/example.com/public/

# OpenLiteSpeed typically runs as 'nobody' or 'www-data'
# Files should be readable by the web server user

The web server process needs read access to files and execute access to directories:

Item	Recommended Permission	Command
Directories	`755`	`chmod 755 /var/www/example.com/public`
Files	`644`	`chmod 644 /var/www/example.com/public/index.php`
Owner	Match webserver user	`chown -R nobody:nogroup /var/www/example.com/`

Step 3: Check for Missing Index

If you request a directory and no index file exists, OpenLiteSpeed can return 403:

# Check if an index file exists
ls -la /var/www/example.com/public/index.*

Ensure your virtual host has the correct index file list configured (e.g., index.html, index.php).

Step 4: Check Context and Access Rules

In WebAdmin, review:

Virtual Hosts → Your Site → Context — look for restrictive patterns
Virtual Hosts → Your Site → Security → Access Control — check IP restrictions
Server Configuration → Security — check global deny patterns

Step 5: Check `.htaccess` Rules

# Look for deny rules in .htaccess
grep -rn "Deny\|Require\|Forbidden" /var/www/example.com/.htaccess 2>/dev/null

Quick Fix Reference

Cause	Fix
Wrong file ownership	`chown -R nobody:nogroup /var/www/site/`
Wrong directory permission	`chmod 755 /var/www/site/public/`
Wrong file permission	`chmod 644 /var/www/site/public/index.php`
Missing index file	Add `index.html` or `index.php` to the document root
IP restriction blocking you	Update the access control allowlist in WebAdmin
`.htaccess` deny rule	Review and fix `.htaccess` rules

warning

Do not use chmod 777 as a "fix." It solves the symptom by removing all security. Find the correct ownership and permissions instead.

Key Takeaways

403 errors are policy or permission problems, not application crashes.
Always check the error log first — it usually tells you the exact cause.
File permissions and ownership are the most common cause on fresh installations.
Never use chmod 777 — fix the ownership and use 755/644 instead.

What's Next

Continue to 500 Internal Server Error for diagnosing application-level failures.

What a 403 Means​

Most Common Causes​

Diagnostic Steps​

Step 1: Check the Error Log​

Step 2: Check File Permissions​

Step 3: Check for Missing Index​

Step 4: Check Context and Access Rules​

Step 5: Check .htaccess Rules​

Quick Fix Reference​

Key Takeaways​

What's Next​