Support » Plugin: All In One WP Security & Firewall » 403 Access Denied error

  • Resolved mbnocx


    I recently updated the All In One WP Security plugin and sometime after I was not able to get into the WP Admin. I continued to receive a “403 Access Denied” error but only for wp-admin or wp-login.php.

    My blog and all links worked fine. There were no appearances of any security breach and via FTP all files were intact. I first tried renaming the all-in-one-wp-security-and-firewall folder under plugins but that didn’t help. I then checked the permissions of the main files/folders but they had not changed.

    Finally I created a blank .htaccess file and uploaded it. I have a backup of the .htaccess prior to me doing this. Now I can get into WP Admin with no problems. However, what do I need to add to this file so your plugin continues to work? When I tried editing the original .htaccess (prior to me uploading a blank copy) the file is rather large so I’m not sure what might be in there that is invalid or may have caused the problem.

    Any help is greatly appreciated.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author wpsolutions


    It looks like you have enabled several firewall features one of which is probably causing this 403 error. This is why we labelled our features “basic”, “medium” and “advanced” because depending on the host and site setup, the “medium/advanced” features may not behave the same for everyone which is why we ask people to firstly enable the “basic” features and then incrementally activate the more advanced ones.

    We have a useful FAQ and instructions pages to help you recover your site for situations like yours:

    All In One WordPress Security and Firewall Plugin

    (see the Trouble shooting and FAQ section at the end)

    This is the link for how to restore htaccess file:

    How to Restore the htaccess File When Using the All in One WP Security Plugin

    Thank you for the feedback. In what way did you believe that I had enabled more firewall settings? I have been using this plugin for the past couple of months and aside from the initial configuration back at the beginning, the only changes I have been making the past several weeks is checking the failed login records and adding those IP’s to my blocked list.

    As mentioned, there was an update to the plugin recently and although I cannot say that is what caused this, that is the only thing that has changed. I have not modified any of the firewall settings and I also have everything using the ‘basic’ features and have been since starting to use the plugin. If additional firewall settings were enabled then it was done by someone other than me (I’m the only one with access to my blog).

    I will check out the links you provided so I can add back whatever is truly needed in the .htaccess file.


    OK, here is the odd thing. 🙂 Maybe someone can explain why this happened.

    Yesterday I get the 403 Access Denied error from two different computers, using different browsers, and also from my smartphone when going to WP-Admin. I then replaced the .htaccess file and I was able to get in.

    While at home last night I renamed the new .htaccess file to .htaccess.bak and put the original file back that was there when I could not get in earlier in the day. Now I am not having any problems getting to WP-Admin even with the .htaccess file that was in place yesterday when I could not get there.

    What would cause this all to happen? This has me confused. 🙂

    Plugin Author mra13


    I am not entirely sure what could have caused it but at least it is working fine for you now.

    After trying numerous suggestions on other posts, I found this the most helpful.

    I ended up whitelisting my ip address in the .htaccess file and then had no problems at all.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘403 Access Denied error’ is closed to new replies.