General explanation of the 403 status code
The HTTP status code 403 Forbidden is returned when a client sends a request to a server, but the server rejects the request due to permission issues. For example, if a username and password are stored in the .htpasswd and .htaccess, and this data is entered incorrectly, the HTTP status code 403 Forbidden is returned. This means that the client does not have the necessary permissions to access the requested resource. A common example is when a user tries to access a protected page for which they do not have access permission, or when a server denies access to a particular resource due to IP-based restrictions or authentication issues.
Specification of the HTTP status code 403
Source / Quote by: The 403 Forbidden HTTP Status Code is specified by section 6.5.3 of RFC7231.
HTTP-Protocol
How to throw a 403 statuscode with PHP?
To throw the HTTP status code 403 on a web page, the PHP function http_response_code can be used. The syntax is as follows: http_response_code(403) (PHP 5 >= 5.4.0, PHP 7, PHP 8)
Test the 403 HTTP status code
In order to be able to display the HTTP status code (in this case 403 Forbidden) and other information on the client side, the development console must be opened with F12. Afterwards you have to navigate to the tab "Network". Now you can open the page, in the network tab you should see the web page (example index.php). This must be selected and then the Herder section must be selected. Here the user will see the following result:
URL: https://http-statuscode.com/errorCodeExample.php?code=403
Status: 403 Forbidden
Those: Network
IP address: XX.XX.XX.XX
How do I solve the problem with the 403 status code?
The HTTP status code 403 Forbidden indicates that the server has understood the request but denies it for some reason. It means that you don't have the necessary permissions to access the requested resource.
To solve the problem with HTTP status code 403 Forbidden, you can follow the steps below:
- Check the URL: Make sure that the URL you entered is correct and points to the right resource or file. Also check for typos or extra characters in the URL.
- Clear the cache and cookies:
- Sometimes a bad cache or a conflict with cookies can lead to a 403 Forbidden error. Clear your browser's cache and cookies to make sure you're getting the latest version of the website.
- Check permissions: Make sure you have the necessary permissions to access the requested resource. This is especially important if it is a protected resource that is only accessible to certain users or user groups. Check your credentials and contact the administrator if necessary.
- Check the server configuration: the 403 Forbidden status code may also occur if the server is configured to deny access to certain files or directories. Check the server configuration to ensure that the required files and directories are accessible.
- Check the firewall and security software: Sometimes a firewall or security software blocks access to certain websites or resources. Make sure your firewall or security software is configured to allow access to the corresponding website.
- Contact the website owner or administrator: If the above steps do not work or you do not have access to the necessary permissions to fix the problem, it is best to contact the website owner or administrator. Explain the problem and provide as much information as possible to help troubleshoot.
It is important to note that the solution to the 403 Forbidden status code depends on the specific situation and some of the steps mentioned may not apply to your particular scenario. It may also be that the problem is on the server side and you, as an end user, have limited options to fix it. In such cases, it is best to contact the website owner or administrator for further assistance.
.How to create a custom error page for the 403 status code
Apache Webserver
The web server "Apache" is one of the most popular web servers on the Internet. To create an own 403 Forbidden error page in "Apache", the following change must be made in the following file.
NGINX Webserver
Similar to the web server "Apache", "NGINX" is also widely used on the Internet. To create your own 403 Forbidden error page in "NGINX", the following change must be made in the following file.
location = /403.html {
root /usr/share/nginx/html;
internal;
}
Browser compatibility of the 403 status code
| Chrome | Yes |
| Edge | Yes |
| Firefox | Yes |
| Opera | Yes |
| Safari | Yes |
| Chrome Android | Yes |
| Firefox for Android | Yes |
| Opera Android | Yes |
| Safari on iOS | Yes |
| Internet | Yes |
| WebView Android | Yes |
What SEO impact does the 403 status code have?
The HTTP status code 403 Forbidden indicates that access to a particular resource on a web server has been denied. This can happen for various reasons, e.g. due to missing permissions. The status code not only has a direct impact on the user experience, but also has relevant consequences in terms of search engine optimization (SEO).
Accessibility and crawling when HTTP status code 403 Forbidden
A fundamental goal of SEO is to ensure that website content can be crawled and indexed easily by search engine bots. If a bot is denied access to a resource by a 403 Forbidden status code, that page will not be included in the search index. In the long run, this can result in content that may be relevant to search queries not appearing in search results, which has a direct impact on the site's organic traffic.
User Experience and Trust
Aside from the technical aspect of accessibility, user experience plays a crucial role in SEO. A page that frequently issues the 403 Forbidden status code can lead to user frustration. If pages that appear in search results are inaccessible, users may lose trust in the site and possibly move to a competitor's site. Search engines may also see this and lower the credibility of the site in their rankings.
Potential for Duplicate Content with the 403 Forbidden Status Code
In some cases, a 403 Forbidden status code can lead to content being duplicated on different URLs, especially if webmasters try to make the prohibited content accessible by redirecting or copying it elsewhere. Duplicate content can be problematic because search engines may have difficulty determining which version of the page is relevant. This can result in the wrong version of the page being displayed in search results or an overall decrease in ranking.
Conclusion on the SEO impact of status code 403 Forbidden
An HTTP status code 403 Forbidden Forbidden is critical from an SEO perspective. Not only does it hinder crawling and indexing by search engine bots, but it can also affect the user experience and increase the risk of duplicate content. It is therefore important to perform regular checks to identify and fix such problems in order to optimize a website's SEO performance.
Constants in programming languages
HttpStatusCode.Forbidden
http.StatusForbidden
Response::HTTP_FORBIDDEN
httplib.FORBIDDEN
http.client.FORBIDDEN
http.HTTPStatus.FORBIDDEN
:forbidden
Example of "Client request" and "Server response" for HTTP status code 403
Client request:
Host: www.example.org
Server response:
Content-Type: text/html
<html>
<head><title>403 Forbidden</title></head>
<body>
<h1>Forbidden</h1>
<p>You don't have permission to access /securedpage.php on this server.</p>
</body>
</html>
Sub status codes of the 403 status code
| 403.1 | Execute access forbidden HTTP IIS, Unofficial |
| 403.2 | Read access forbidden HTTP IIS, Unofficial |
| 403.3 | Write access forbidden HTTP IIS, Unofficial |
| 403.4 | SSL required HTTP IIS, Unofficial |
| 403.5 | SSL 128 required HTTP IIS, Unofficial |
| 403.6 | IP address rejected HTTP IIS, Unofficial |
| 403.7 | Client certificate required HTTP IIS, Unofficial |
| 403.8 | Site access denied HTTP IIS, Unofficial |
| 403.9 | too many clients are trying to connect to the web server HTTP IIS, Unofficial |
| 403.10 | web server is configured to deny Execute access HTTP IIS, Unofficial |
| 403.11 | Password has been changed HTTP IIS, Unofficial |
| 403.12 | Mapper denied access HTTP IIS, Unofficial |
| 403.13 | Client certificate revoked HTTP IIS, Unofficial |
| 403.14 | Directory listing denied HTTP IIS, Unofficial |
| 403.15 | Client access licenses have exceeded limits on the web server HTTP IIS, Unofficial |
| 403.16 | Client certificate is untrusted or invalid HTTP IIS, Unofficial |
| 403.17 | Client certificate has expired or is not yet valid. HTTP IIS, Unofficial |
| 403.18 | Cannot execute requested URL in the current application pool HTTP IIS, Unofficial |
| 403.19 | Cannot execute CGI applications for the client browser in this application pool HTTP IIS, Unofficial |
| 403.20 | Passport logon failed HTTP IIS, Unofficial |
| 403.21 | Source access denied HTTP IIS, Unofficial |
| 403.22 | Infinite depth is denied HTTP IIS, Unofficial |
| 403.501 | Too many requests from the same client IP; Dynamic IP Restriction Concurrent request rate limit reached HTTP IIS, Unofficial |
| 403.502 | Too many requests from the same client IP; Dynamic IP Restriction Maximum request rate limit reached HTTP IIS, Unofficial |
| 403.503 | the IP address is included in the Deny list of IP Restriction HTTP IIS, Unofficial |
| 403.504 | the host name is included in the Deny list of IP Restriction HTTP IIS, Unofficial |
External links with more information about HTTP status code 403:
Funny memes about HTTP status code 403
Blog Articles
The difference between HTTP status code 402 and 403
When we deal with the World Wide Web and the communication between servers and clients, we come across various status codes that describe the state of an HTTP request. Two of these status codes tha...
SEO and HTTP status codes: A comprehensive analysis
Optimizing a website for search engines (SEO) is a complex undertaking. One of the often overlooked but crucial aspects for a good ranking are HTTP status codes. These small, three-digit codes info...
