“Forbidden – You don’t have permission to access / on this server” Error

Apache web server is one of the most popular and widely used open-source web servers thanks to its stability and reliability. The web server commands a huge market, especially in web hosting platforms.

Be that as it may, you may get a “Forbidden – You don’t have permission to access / on this server” error on your browser after setting up your website. It’s quite a common error and a good chunk of users have experienced it while testing their site. So what is this error?

Demystifying the Forbidden Error

Also referred to as the 403 Forbidden error, Apache’s ‘Forbidden Error’ is an error that is displayed on a web page when you are attempting to access a website that’s restricted or forbidden. It’s usually splashed on the browser as shown.

Apache Forbidden Error
Apache Forbidden Error

Additionally, the error can manifest in several ways on the browser as indicated below:

  • HTTP Error 403 – Forbidden
  • Forbidden: You don’t have permission to access [directory] on this server
  • 403 Forbidden
  • Access Denied You don’t have permission to access
  • 403 forbidden requests forbidden by administrative rules

So what causes such errors?

The ‘403 Forbidden Error‘ occurs due to the following main reasons:

1. Incorrect File / Directory Permissions

This error can be triggered due to incorrect file/folder permissions on the webroot directory. If the default file permissions are not adjusted to grant users access to the website files, then the chances of this error popping on a web browser are high.

2. Misconfiguration of the Apache Configuration Files

This error can also be attributed to a misconfiguration of one of the Apache configuration files. It could be an incorrect parameter that has been included or missing directives in the configuration file.

Fixing the ‘403 Forbidden Error’

If you have encountered this error, here are a few steps that you can take to remedy this.

1. Adjust File Permissions & Ownership of the Webroot Directory

Incorrect file permissions & directory ownership are known to restrict access to website files. So, firstly, be sure to assign the file permissions recursively to the webroot directory as shown.

The webroot directory should always have EXECUTE permissions and the index.html file should have READ permissions.

$ cd /path/to/webroot/directory 
$ sudo find . -type d -exec chmod 755 {} \;
$ sudo find . -type f -exec chmod 644 {} \;

The above find command is used to find all directories (folders) and files within the current directory (.) and set their permissions to 755 (directories) and 644 (files).

Additionally, adjust the ownership of files and directories to a specific user (tecmint) and group www-data or apache using the chown command as shown.

$ sudo chown -R tecmint:apache .
Set Permissions on Apache Root Directory
Set Permissions on Apache Root Directory

Finally, reload or restart the Apache webserver for the changes to take effect.

$ sudo systemctl restart apache2
OR
$ sudo systemctl restart httpd

If this does not resolve the issue, proceed to the next step:

2. Adjust Directives in Apache Main Configuration File

If you are on Debian-based Linux, in Apache’s main configuration file /etc/apache2/apache2.conf, ensure that you have this block of code:

<Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

Save and exit and thereafter, restart the Apache.

If you are running Apache on RHEL-based distributions / CentOS systems, ensure that you relax access to the /var/www directory in the /etc/httpd/conf/httpd.conf main Apache configuration file.

<Directory "/var/www">
    AllowOverride None
    Require all granted
</Directory>

Then save all the changes and reload Apache.

$ sudo systemctl reload apache2
OR
$ sudo systemctl reload httpd

If after trying all these steps you are still getting the error, then please check the configuration of your virtual host files.

We have detailed articles on how you can configure the Apache Virtual host file on:

I hope that the steps provided have helped you clear the 403 error.

If you read this far, tweet to the author to show them you care. Tweet a thanks
James Kiarie
This is James, a certified Linux administrator and a tech enthusiast who loves keeping in touch with emerging trends in the tech world. When I'm not running commands on the terminal, I'm taking listening to some cool music. taking a casual stroll or watching a nice movie.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

14 thoughts on ““Forbidden – You don’t have permission to access / on this server” Error”

  1. I tried a suggestion in this thread:

            AllowOverride None
            Require all granted
    

    but it does not cure the exec problem.

    There has never been a problem creating a file in /var/www, just running an existing one.

    Reply
    • @Colin,

      Is SELinux disabled or have the correct context settings on the /var/www directory? Please check, it seems some permission issue…

      Reply
      • Hello Ravi,

        I’m not sure what you mean by “SELinux“.

        Here is an ‘ls -la‘ of /var/www:

        -rwsr-xr-x  1 root     pi        8728 Nov 19  2017 MsgToLogger
        drwxr-xr-x 12 root     root      4096 Dec 15 14:51 ..
        drwxr-xr-x  6 www-data www-data  4096 Dec 22 20:24 .
        drwxr-xr-x  2 root     root      4096 Dec 22 20:26 html
        drwxr-xr-x  4 root     root      4096 Dec 28 13:33 greenchurch
        

        Don’t forget the message in /var/log/apache2/error.log is:

        sh: 1: /var/www/MsgToLogger: not found
        

        “not found” instead of lack of permission seems like a bug, especially as php7.0 works OK.

        Reply
        • @Colin,

          You are right, it might be a problem with the single-quoted string or the variable in the PHP files…

          I can’t help you out, I am not a PHP expert…

          Reply
  2. I have an allied permissions problem that Stack Exchange can’t solve. Can anyone here help?

    I have a fully working raspi3b + apache2 + php5 system on a 32-bit OS.

    In a php block there is a simple statement:

    $msg = "Save Schedule"; exec( "/var/www/MsgToLogger \"$msg\"", $r );
    

    The executable MsgToLogger has root ownership and 4755 permissions, and the task is performed fine.

    I changed to a raspi4b + apache2 + php7.4 on a 64bit OS.

    I get “sh: 1: /var/www/MsgToLogger: not found” in apache/error.log

    There is no problem writing a file in /var/www using file_put_contents($msgfname,$msg);.

    I have tried putting MsgToLogger in three other places with no luck.

    Reply
    • Hello, what panel are you using? If you using Aapanel same like me, you go first on “WEBSITE” and open the “CONFIG” on the website you have inside that go to “SITE DIRECTORY” go to “RUNNING DIRECTORY” and just leave it, Blank.

      Reply
  3. I did all of the above and the error persisted so what I did was edit one of the first lines:

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    

    Solution:

    ServerAdmin webmaster@localhost
    DocumentRoot /path/to/webroot
    
    Reply
  4. Hi,

    I was stuck on 403 forbidden errors on my website. I was searching for a possible solution and came across your article I found this one to be the best article and found the solution to my problem
    definitely, a very good article to fix this error. thanks for sharing such detailed information.

    keep it up

    Reply
  5. Hi,

    I was stuck on 403 forbidden error at my website. I was searching for a possible solution and I came across your article. I found this one to the best article and found the solution to my problem.

    Definitely, a very good article to fix this error. Thanks for sharing such detailed information.

    Keep it up.

    Reply

Got something to say? Join the discussion.

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.