WordPress.org

Ready to get started?Download WordPress

Forums

Forbidden 403 - You don´t have permission to access / (17 posts)

  1. momomojo54
    Member
    Posted 11 months ago #

    Hi,

    my WP installation is in a folder called "blog" on my html root folder.
    I recently deleted all other files but "blog" since my blog got hacked. Now that I switched the permissions back 750,my blog doesn´t load anymore.
    The error message is:
    Forbidden 403
    You don´t have permission to access / on this server.
    My html folder is set to 750, the blog folder inside to 755. Index php and folders inside the blog-folder are set to 755, too.
    Any idea what is going on here?

    http://www.moritzinsideusa.de

    Thank you very much!

  2. wpismypuppet
    Member
    Posted 11 months ago #

    Only going by what you are saying... you don't have anything inside the root (/) other than a folder called "blog". So when you try to go to your website, it generally looks for an index.html, index.htm, index.php or sometimes others. Since you don't have one of the mentioned, the site is attempting to show you a listing of all files and folders on the site... but, you don't have permission to see that listing. And that's a VERY good thing for security purposes.

    At this point, just add an index.htm or index.html file to the root (/) of the website and see if that helps. Also, be careful where you give 755 permissions or you'll get hacked again!

  3. momomojo54
    Member
    Posted 11 months ago #

    Thanks for the prompt reply!
    The file structure is as following:
    In my root folder is a folder called html. Inside that folder is a folder called blog (contains my blog). If I try to add "index.php" to the same folder level where the html folder is I get the error message "index.php: no permissions". I was able to upload the index.php to the "html" folder, but that didn´t solve the problem.
    Any other ideas?

  4. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Have you contacted your hosting support regarding this? Do you have a backup of your site? If so, I think it will be easier to reinstall WordPress and restore your site.

  5. momomojo54
    Member
    Posted 11 months ago #

    Thanks for chiming in, Krishna.

    Just to clarify, am I correct, assuming I have to add the index.php file to the same file level where the html/blog/wp-content folder lies?

  6. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Can you check how many such files exist there? Without your adding there would be one file there - then how did you add the second file? Can you post its content here?

  7. momomojo54
    Member
    Posted 11 months ago #

    There are currently two index php files. One lies inside the "blog file", the other lies one level above in the "html file".

    <?php
    /**
    * Front to the WordPress application. This file doesn't do anything, but loads
    * wp-blog-header.php which does and tells WordPress to load the theme.
    *
    * @package WordPress
    */
    
    /**
    * Tells WordPress to load the WordPress theme and output it.
    *
    * @var bool
    */
    define('WP_USE_THEMES', true);
    
    /** Loads the WordPress Environment and Template */
    require('./html/blog/wp-blog-header.php');
    ?>
  8. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Sorry, I may be understanding incorrectly.
    At which location is the above file? At the root or in a sub-directory? Where did you install WordPress? Root or sub-directory?

  9. momomojo54
    Member
    Posted 11 months ago #

    WordPress is installed in html/blog. The above file lies in "blog"

  10. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Could you ever run your site after you were hacked? Did you cleanup all the malware/ back doors before restoring your site? Sorry, I am trying to understand the problem because all tools I used show 403 Forbidden error.

  11. momomojo54
    Member
    Posted 11 months ago #

    I just contacted my web-hoster. They told me my permissions were not right. Some files weren´t set to 644 but to 750. So I changed that but still the same issue.

  12. momomojo54
    Member
    Posted 11 months ago #

    I got hacked, then my provider set the permissions of my html to 700. I deleted everything but my html/blog folder off my webspace and changed the permissions back to 750. Anyways now I can´t access the site anymore.

  13. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Try reinstalling WordPress manually from a freshly downloaded copy except wp-content. Do not overwrite files/ folders but delete them before reinstalling.
    Backup your site including database so that you can restore in case anything goes wrong.

  14. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    Permissions seem to be OK if you are on shared hosting.

  15. momomojo54
    Member
    Posted 11 months ago #

    I think this is the route to go by now. Thanks Krishna. So I basically delete everything BUT wp-content and do a reinstall? I got a backup of everything.

  16. Krishna
    Volunteer Moderator
    Posted 11 months ago #

    If you have a backup of everything, it will be the easiest to reinstall WordPress and restore your site. In that case, I wouldn't get into correcting an unsure installation.

  17. momomojo54
    Member
    Posted 11 months ago #

    I think I got it now resolved. Indeed the permissions were wrong on many levels. Right now i´m changing them and it seems to do the trick. Thanks Krishna for all your help! Your amazing!

Reply

You must log in to post.

About this Topic