Bobcares

Litespeed 403 forbidden error – How to fix in no time?

by | Feb 9, 2019

An error on the website do not look good at all.

Certain web server errors give some details on what went wrong. Luckily, these clues help to fix things faster.

Unfortunately, Litespeed 403 forbidden error means server disallows access to the website.

At Bobcares, we resolve these type of Litespeed errors for customers as part of our Server Administration Services.

Today, we’ll see how our Support Engineers diagnose and fix the 403 forbidden error in Litespeed.

 

What causes Litespeed 403 forbidden error?

Firstly, let’s check the causes of Litespeed 403 forbidden error.

In simple words, 403 forbidden error means that the access to the web page is not allowed for some reason. Now, we’ll take a look on the possible reasons for the error in Litespeed web server.

 

1. Permission problems

For the web server to display the page in the browser, the files and folders of the website should have certain preset permissions. These files should be readable by the web server.

When wrong permissions are set on the files, Litespeed cannot read them and it will result in 403 forbidden errors.

For example, when Litespeed web server is running as user nobody, it cannot read file with 0640 permission. As a result, accessing website files in the browser will cause forbidden error.

Again, LiteSpeed has a security setting “Script Restricted Permission Mask“. This setting shows the permission mask for script files that the web server will not serve. When this is set to a value 022, server will not run PHP scripts that are group and world writable. As a result, you’ll see 403 forbidden error again.

 

2. Wrong Rewrite rules

Similarly, often the rewrite rules in .htaccess file also can result in 403 forbidden errors. This typically happens when customer uses wrong url formats.

Again, when the website is under attack, our Dedicated Engineers often block access temporarily by adding deny rules in .htaccess files. This again cause Litespeed 403 forbidden errors.

Yet another reason could be wrong permissions on the .htaccess file. This would again forbid the access to the website with the entries in Litespeed error log as :

2018-11-04 12:59:03.373 [ERROR] [HTAccess] Failed to open [/home/xxx/public_html/.htaccess]: Permission denied

 

3. Missing Litespeed PHP handlers

Litespeed supports multiple PHP versions. Each of these versions will have separate handlers too. But, at times the handlers of certain PHP version will not be added to Litespeed configuration. And, the result would be 403 forbidden error.

 

How to fix Litespeed 403 forbidden error?

Till now, we saw the various reasons for the Litespeed 403 forbidden error. Let’s now take a look on how our Support Engineers find the cause of forbidden error and fix it.

Just like any other web server error, we begin the troubleshooting by recreating the problem at our side. Simultaneously, we track the Litespeed server logs at /var /var/log/apache2/error_log or /usr/local/apache/logs/error_log depending on the log file location. Further, the exact fix varies with the underlying reason. We’ll now check them in detail.

 

1. Fixing permissions

On seeing 403 forbidden error, we ensure that the file and the folder has correct permissions. Some customers set full access, that is 777 permissions on the files. Litespeed server need the correct permissions on the files and folders. Not more, not less.

Hence, to fix the 403 error, we set the files at 644 permission and folders at 755. Again, this depends on the web server running user. Ideally, the web server user should have read access on the file.

Recently, when a customer reported 403 error in Litespeed server, the Script Restricted Permission Mask was set incorrectly as 022. Here, our Support Engineers fixed the problem by setting the mask value as 000 from Litespeed Admin Console => Configuration => Server => Security as shown below.

 

2. Fixing rewrite rules

Secondly, we examine the rewrite rules for the syntax errors. We then correctly add the rules as per customer requirement. Also, we set the correct 644 permissions on the .htaccess file in the website folder and make it readable by Litespeed.

 

3. Fixing PHP handlers

From our experience in maintaining Litespeed servers, often the solution for 403 forbidden errors lies in fixing the PHP handlers in Litespeed.

Here, we identify the PHP version used by the script and check for necessary PHP handlers in Litespeed configuration. When script uses PHP72, our Dedicated Engineers add the missing entries for PHP72 via External Apps and Script Handler option in Litespeed Admin Console. And, that makes the script working again.

[Tired of Litespeed 403 forbidden errors? Our Litespeed experts can fix it in no time.]

 

Conclusion

In short, Litespeed 403 forbidden errors happen mainly due to wrong permissions that makes the pages unreadable by web server. Today, we saw the various reasons for the error and how our Support Engineers fix it within no time.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

SEE SERVER ADMIN PLANS

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

9 Comments

  1. AbdullahTahir

    Hi,
    I was stuck on 403 forbidden error at my website. I was searching for a possible solution and I came across your article. I found this one to the best article and found the solution to my problem.
    Definitely, a very good article to fix this error. Thanks for sharing such detailed information.
    Keep it up.

    Reply
  2. Alan

    You saved me after two whole days with this problem. Tried everything but was files at 644 permission and folders at 755 that worked. Even 777 was failing. BTW Script Restricted Permission Mask don’t exist on recent versions.

    Reply
    • Hiba Razak

      Hi Alan,
      Thanks for the feedback. We are glad to know that our article was helpful for you 🙂

      Reply
  3. phil

    bonjour
    j’ai des soucis aussi lorsque j’active le mode invite sur mon site je recois l’erreur 403

    Reply
    • Hiba Razak

      Hi Phil,
      Please contact our support team via live chat(click on the icon at right-bottom).

      Reply
  4. Min Pyae Maw

    The same error for me, but from Singapore, no error. Only the user from India getting this error.

    Reply
    • Hiba Razak

      Hi,
      Please contact our support team via live chat(click on the icon at right-bottom).

      Reply
  5. anjali

    The same error for me . Tried everything but was files at 644 permission and folders at 755 that not worked.

    Reply
    • Hiba Razak

      Hi,
      Please contact our support team via live chat(click on the icon at right-bottom).

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF