The HTTP error 403 is frustrating to see, and quite often frustrating to solve. It rarely comes with an explanation of the exact problem that the web browser has encountered, and can be quite difficult to troubleshoot without a little further information.

As you probably know, the HTTP error 403 is received when accessing certain web pages on the Internet. There’s no way of predicting that each occasion when you’re going to receive one, and without a further reason of why you’re seeing it given, the HTTP error 403 acts effectively as the web server’s way of saying “no can do, no explanation needed”.

The most common reason for receiving an HTTP error 403 stems from accessing a page or a directory without navigating to it from a previous page. If for example, you attempt to view the directory listing of all files in a certain folder, like:

www.mysite.com/pages/

The website may be configured so as to disallow all attempted requests for directory listings. If we were to access the URL above without the pages subfolder having an index or default file, we would receive a generated list of all the pages that are located in that directory. However if “no directory browsing” is turned on, you’ll be left with an ugly HTTP error 403. This is all caused by the Check Up Down robot which follows a strict process for determining whether web content should be displayed to the requesting user. We can solve the issue by entering the full URL of the page that we’re trying to access, with the page name and extension amended to the root domain and folder. Problems with directory browsing are arguably the single biggest reason behind HTTP error 403 problems.

But they’re not the only reason.

Sometimes, when a web page is moved or re-directed to a new host on the web, the old host will throw up a 403 error to express that although the page was once hosted here, it no longer is and the webmaster is no longer around to pay his bills to keep the HTTP error 403 at bay. In this situation, we have no choice but to search out the new location of the website (if it’s moved), or go back to Google and look for any notifications of that website’s presence and status.

As you can imagine, it’s not always easy to know whether this is the reason for the HTTP error 403 on first inspection. As the first step of troubleshooting, you should try to access the root domain. Some web hosts will be nice enough to leave a re-direct or notification in place. And you’ll at least be able to see whether the web page is only partially accessible, or if its HTTP error 403 ridden throughout.

You should also be aware of the possibility that a subfolder may exist without a page being added to it. In this case, an HTTP error 403 is often thrown as default by the web server. If Basic HTTP Authentication is turned on, you will, of course, be required to enter a valid username or password to bypass the standard HTTP error 403.

No Comments »

HTTP Error 403 is caused by a web server believing that data sent by the client is correct, but also that the actual access to the data is forbidden or disallowed by the authorizer.

So it’s basically telling you that the page is there, but you’re not permitted to view it.

The thing which confuses many web users is that the same page can be accessible via different means. For example, you might be able to view it when clicking a link in another page. But if you try to bookmark the destination page itself, you’ll be returned with a 403 error when you later try to return to it. Why is this?

Well, by far the most common reason is a configuration setting known as directory browsing.

Directory browsing is where we enter the folder rather than the file itself, as a means of navigating the website.

Take for example, the following address:

http://www.mytestsite.com/media

This URL could potentially return a 403 error. But with the following URL:

http://www.mytestsite.com/media/index.html

This could display the actual page without an error.

Now, of course, when we access folders as shown in the first example, it’s the nature of the web server to look for a page title “Index” to return to the browser. But if directory browsing is turned off, the server will automatically throw a Forbidden Error, even if the page itself is entirely viewable when clicked by a standard A HREF link!

If every page is returning a Forbidden Error, directory browsing or not, you would normally expect a 401 to be thrown. The 401 error represents your more typical “Not authorized” message.

However, some browsers are still known to translate the 401 diagnosis and display a 403 instead. It matters little. If you’re having trouble accessing every page in the site, it’s usually a sign that you have a blanket authentication error. It could be that you were supposed to enter a username or password to access the page. It could also be a problem with a scripting language that’s running on the site.

A more obscure reason is simply that the website has changed web server and is now being hosted elsewhere. If the host has “cancelled” the directories to the old site, it may still take a little time before the client is redirected to the new location. During this time window, a 403 error is likely to be displayed.

There are several free online utilities that will run a check of a website’s authentication, providing it uses HTTP Basic Authentication. These will return information on the access layers, and will ultimately inform you whether the problem lies with the web server and host.

If you’re having trouble with your own website, it’s a good idea to contact your host and query whether directory browsing is allowed. Some hosts are extremely picky and disable direct page accessing altogether. This effectively means that every page must be accessed from another hyperlink. You can’t simply type in the URL without receiving an error, usually the 403 Forbidden Access that we’ve discussed.

As far as HTTP errors go, 403 is by far one of the most irritating to receive. It’s extremely ambiguous and it could be returned for one in a number of reasons. A little troubleshooting should help your cause, as we’ve discussed in this article, but contacting the host or webmaster may be necessary in a large number of cases.

Get a Free Online Scan with RegCure PC Optimizer (Download Takes 2 Mins)

2 Comments »