WordPress.org

Ready to get started?Download WordPress

Forums

403 Forbidden on whole website including wp-admin (18 posts)

  1. jsmbythebay
    Member
    Posted 1 year ago #

    Upon logging into my wp-admin page I was asked to upgrade WordPress, which I did. This did not seem to cause any issues.

    I remembered that I had not backed up my site! So I installed the Backup plugin. Upon attempting to activate I was greeted by the following:

    Forbidden

    You don't have permission to access / on this server.

    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

    I've gone in and deleted that plugin with FTP, but no change.

    I googled around on this topic, and could not find any consensus on what the issue might be. There seemed to be a lot of discussion about .htc access, which I am pretty unfamiliar with. In case anyone cares, my .htc access file includes only the following

    Order allow,deny
    Deny from all

    It is probably only a coincidence, but today I also received a very weird comment on the Hello World post that I thought was private or deleted. I was notified by WordPress about the comment and clicked on the link to moderate. Could I have been hacked?

    The site is http://www.altwatt.com

    Please help Obi-Wan!

  2. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    The scan by Sucuri shows your site has warnings. It can be malware, or simply because of the 403 Forbidden error.

    EDIT: Because it is related to your server, I think you should contact your host.

  3. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    Sucuri ... I make that typo all the time also !

  4. Krishna
    Volunteer Moderator
    Posted 1 year ago #

    Thanks Seacoast Web Design for pointing out the typo. However, I edited it.

  5. jsmbythebay
    Member
    Posted 1 year ago #

    Oh man! I can't believe this!

    Anything else I can do besides contact the host? Especially to keep any malware from spreading? They (Dreamhost) are not exactly responsive.

    I read somewhere to FTP the entire site locally. Delete the site. Scan the files with PC malware software? Sounds kind of crazy to me.

  6. Pioneer Valley Web Design
    Member
    Posted 1 year ago #

    Did you come here for advise or to find out your lack of abilities? I get slammed on these replies at times, but as one once said, You can lead a horse to water....

  7. Arie Putranto
    Member
    Posted 1 year ago #

    Sometimes, it happened because the .htaccess was not configured properly.
    And your .htaccess is said: DENY FROM ALL?

    Ring any bell?

  8. jsmbythebay
    Member
    Posted 1 year ago #

    Seacoast, I didn't mean any lack of respect. I am just bummed, as well as un-abilitied. Thanks though.

    And Arie as I said, I know squat all about .htcaccess, but thought that DENY FROM ALL looked odd. But after Googling around it seemed like others were being advised to configure their .htcaccess exactly as mine is.

    No disrespect folks, I am admittedly very clueless on this stuff.

  9. esmi
    Theme Diva & Forum Moderator
    Posted 1 year ago #

    They (Dreamhost) are not exactly responsive.

    Really? They are supposed to make that little extra efforts for WordPress sites. I've tagged this topic for their attention. If they don't respond here in (say) the next week, please let us know.

  10. jsmbythebay
    Member
    Posted 1 year ago #

    Last time it took Dreamhost a while, but this time they were fairly fast with a response (overnight basically). Standard delete everything and re-install, which I did. Pain, but mostly up and running. Thanks all

  11. Mike Schroder
    WP Contributing Dev.
    Posted 1 year ago #

    Double-checked into this, and it does look like you should have received a detailed list of our findings, and ways that you can clean things up.

    If you do have any more questions, I'd definitely suggest replying directly to the email from support so that our Abuse/Security team can help you further.

  12. MCM
    Member
    Posted 1 year ago #

    Having the same problem on my dream host website. Also tried a backup plugin, ran the job and yah the rest is history :(.

    Waiting for DH to get back to me.

  13. Ipstenu-DH
    DreamHost Rep
    Posted 1 year ago #

    nathemie - What's your domain? I can take a look and see if it's easy to fix.

    Support's a little behind today.

  14. MCM
    Member
    Posted 1 year ago #

    I messed around and found it was a .htaacess file but the one in the root directory not the one of the root directory of the domain.

    I am not sure what you call it. Anyhow, I renamed it and things are working. Is there suppose to be a htaaccess file there?

  15. MCM
    Member
    Posted 1 year ago #

    <Files "*">
    <IfModule mod_access.c>
    Deny from all
    </IfModule>
    <IfModule !mod_access_compat>
    <IfModule mod_authz_host.c>
    Deny from all
    </IfModule>
    </IfModule>
    <IfModule mod_access_compat>
    Deny from all
    </IfModule>
    </Files>

    It contained the following.

  16. Ipstenu-DH
    DreamHost Rep
    Posted 1 year ago #

    That .htaccess would totally block everyone from seeing your site. It's denying access from everyone.

    A normal .htaccess has this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress
  17. MCM
    Member
    Posted 1 year ago #

    Thanks, everything is working again.

  18. Adamstar1
    Member
    Posted 1 year ago #

    I would like to add one thing about 403 Error. Many times the web hosts have locks which they enable on your site to protect it from damage or when it taxes server resources. So, if you talk to web host , they can detail the process of white listing your IP and getting it back to normal( by lifting the lock ) .

Topic Closed

This topic has been closed to new replies.

About this Topic