“Forbidden – You don’t have permission to access / on this server” Error

James KiarieLast Updated: July 21, 2023 Apache, Questions 14 Comments

Apache web server is one of the most popular and widely used open-source web servers thanks to its stability and reliability. The web server commands a huge market, especially in web hosting platforms.

Be that as it may, you may get a “Forbidden – You don’t have permission to access / on this server” error on your browser after setting up your website. It’s quite a common error and a good chunk of users have experienced it while testing their site. So what is this error?

Demystifying the Forbidden Error

Also referred to as the 403 Forbidden error, Apache’s ‘Forbidden Error’ is an error that is displayed on a web page when you are attempting to access a website that’s restricted or forbidden. It’s usually splashed on the browser as shown.

Additionally, the error can manifest in several ways on the browser as indicated below:

HTTP Error 403 – Forbidden
Forbidden: You don’t have permission to access [directory] on this server
403 Forbidden
Access Denied You don’t have permission to access
403 forbidden requests forbidden by administrative rules

So what causes such errors?

The ‘403 Forbidden Error‘ occurs due to the following main reasons:

1. Incorrect File / Directory Permissions

This error can be triggered due to incorrect file/folder permissions on the webroot directory. If the default file permissions are not adjusted to grant users access to the website files, then the chances of this error popping on a web browser are high.

2. Misconfiguration of the Apache Configuration Files

This error can also be attributed to a misconfiguration of one of the Apache configuration files. It could be an incorrect parameter that has been included or missing directives in the configuration file.

Fixing the ‘403 Forbidden Error’

If you have encountered this error, here are a few steps that you can take to remedy this.

1. Adjust File Permissions & Ownership of the Webroot Directory

Incorrect file permissions & directory ownership are known to restrict access to website files. So, firstly, be sure to assign the file permissions recursively to the webroot directory as shown.

The webroot directory should always have EXECUTE permissions and the index.html file should have READ permissions.

$ cd /path/to/webroot/directory 
$ sudo find . -type d -exec chmod 755 {} \;
$ sudo find . -type f -exec chmod 644 {} \;

The above find command is used to find all directories (folders) and files within the current directory (.) and set their permissions to 755 (directories) and 644 (files).

Additionally, adjust the ownership of files and directories to a specific user (tecmint) and group www-data or apache using the chown command as shown.

$ sudo chown -R tecmint:apache .

Set Permissions on Apache Root Directory

Finally, reload or restart the Apache webserver for the changes to take effect.

$ sudo systemctl restart apache2
OR
$ sudo systemctl restart httpd

If this does not resolve the issue, proceed to the next step:

2. Adjust Directives in Apache Main Configuration File

If you are on Debian-based Linux, in Apache’s main configuration file /etc/apache2/apache2.conf, ensure that you have this block of code:

<Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

Save and exit and thereafter, restart the Apache.

If you are running Apache on RHEL-based distributions / CentOS systems, ensure that you relax access to the /var/www directory in the /etc/httpd/conf/httpd.conf main Apache configuration file.

<Directory "/var/www">
    AllowOverride None
    Require all granted
</Directory>

Then save all the changes and reload Apache.

$ sudo systemctl reload apache2
OR
$ sudo systemctl reload httpd

If after trying all these steps you are still getting the error, then please check the configuration of your virtual host files.

We have detailed articles on how you can configure the Apache Virtual host file on:

I hope that the steps provided have helped you clear the 403 error.

If you read this far, tweet to the author to show them you care. Tweet a thanks

dutree: A Powerful Disk Usage Tracker for Linux File Systems

How to Install netstat Command in Linux

James Kiarie

This is James, a certified Linux administrator and a tech enthusiast who loves keeping in touch with emerging trends in the tech world. When I'm not running commands on the terminal, I'm taking listening to some cool music. taking a casual stroll or watching a nice movie.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)

Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

14 thoughts on ““Forbidden – You don’t have permission to access / on this server” Error”

Colin Wray

December 23, 2022 at 8:58 pm
I tried a suggestion in this thread:
```
        AllowOverride None
        Require all granted
```
but it does not cure the exec problem.

There has never been a problem creating a file in /var/www, just running an existing one.
Reply
- Ravi Saive
  
  December 26, 2022 at 11:07 am
  
  @Colin,
  
  Is SELinux disabled or have the correct context settings on the /var/www directory? Please check, it seems some permission issue…
  Reply
  - Colin Wray
    
    December 28, 2022 at 7:27 pm
    Hello Ravi,
    
    I’m not sure what you mean by “SELinux“.
    
    Here is an ‘ls -la‘ of /var/www:
    
    -rwsr-xr-x 1 root pi 8728 Nov 19 2017 MsgToLogger drwxr-xr-x 12 root root 4096 Dec 15 14:51 .. drwxr-xr-x 6 www-data www-data 4096 Dec 22 20:24 . drwxr-xr-x 2 root root 4096 Dec 22 20:26 html drwxr-xr-x 4 root root 4096 Dec 28 13:33 greenchurch
    
    Don’t forget the message in /var/log/apache2/error.log is:
    
    sh: 1: /var/www/MsgToLogger: not found
    
    “not found” instead of lack of permission seems like a bug, especially as php7.0 works OK.
    Reply
    - Ravi Saive
      
      December 29, 2022 at 10:22 am
      
      @Colin,
      
      You are right, it might be a problem with the single-quoted string or the variable in the PHP files…
      
      I can’t help you out, I am not a PHP expert…
      Reply
Colin Wray

December 21, 2022 at 5:50 pm
I have an allied permissions problem that Stack Exchange can’t solve. Can anyone here help?

I have a fully working raspi3b + apache2 + php5 system on a 32-bit OS.

In a php block there is a simple statement:
```
$msg = "Save Schedule"; exec( "/var/www/MsgToLogger \"$msg\"", $r );
```
The executable MsgToLogger has root ownership and 4755 permissions, and the task is performed fine.

I changed to a raspi4b + apache2 + php7.4 on a 64bit OS.

I get “sh: 1: /var/www/MsgToLogger: not found” in apache/error.log

There is no problem writing a file in /var/www using file_put_contents($msgfname,$msg);.

I have tried putting MsgToLogger in three other places with no luck.
Reply
Ayushi Shrivastava

November 1, 2022 at 7:46 pm

Hello,

I’m still facing the same problem…
Reply
- john Lewis
  
  November 27, 2022 at 9:30 am
  
  Hello, what panel are you using? If you using Aapanel same like me, you go first on “WEBSITE” and open the “CONFIG” on the website you have inside that go to “SITE DIRECTORY” go to “RUNNING DIRECTORY” and just leave it, Blank.
  Reply
ivan

August 21, 2022 at 8:29 am
I did all of the above and the error persisted so what I did was edit one of the first lines:
```
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
```
Solution:
```
ServerAdmin webmaster@localhost
DocumentRoot /path/to/webroot
```
Reply
Fateh

May 31, 2022 at 3:11 am

You don’t have permission to access /payment/merchants/SATIM/errors_fr.html on this server.
Reply
khushpreet kaur

May 12, 2022 at 6:12 pm

Hi,

I was stuck on 403 forbidden errors on my website. I was searching for a possible solution and came across your article I found this one to be the best article and found the solution to my problem
definitely, a very good article to fix this error. thanks for sharing such detailed information.

keep it up
Reply
Abdullah Tahir

March 18, 2021 at 5:49 pm

Hi,

I was stuck on 403 forbidden error at my website. I was searching for a possible solution and I came across your article. I found this one to the best article and found the solution to my problem.

Definitely, a very good article to fix this error. Thanks for sharing such detailed information.

Keep it up.
Reply
AMAN RAVI

November 10, 2020 at 2:58 pm
```
# setenforce 0
```
use this command.
Reply
- Mario Lapi
  
  January 27, 2021 at 2:38 am
  
  Should this work if one of my sites works and the other give this error?
  Reply
  - Adrian
    
    June 15, 2022 at 10:32 pm
    # 2. Adjust directives in Apache main configuration file solved my problem
    
    Options Indexes FollowSymLinks AllowOverride None Require all granted
    
    Thank you, sir.
    Reply