Title: 403 Error Last modified: August 31, 2016 --- # 403 Error * [colfetski](https://wordpress.org/support/users/colfetski/) * (@colfetski) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/) * Hi, * Every time I enable IThemes Security on a particular website (100magicmiles.com) I am getting a 403 error. * I can remove the 403 error by deleting all the ithemes security stuff in the . htaccess file. But I’m guessing that what’s in that file is kinda important to the functioning of the plugin. * We were hacked today and I’ve removed the bad files, but Google has still got a blacklist active on the site. I don’t suppose this has anything to do with it, does it? * Thanks for any insight. * [https://wordpress.org/plugins/better-wp-security/](https://wordpress.org/plugins/better-wp-security/) Viewing 7 replies - 1 through 7 (of 7 total) * [George](https://wordpress.org/support/users/ccto/) * (@ccto) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7025910) * From Google Safe Browsing, it said the website is redirecting visitors to a dangerous websites: p3olnuew3tan????.ws. * You may try to check your web page source files, and/or the database table (e. g.) wp_options for any suspicious. * Thread Starter [colfetski](https://wordpress.org/support/users/colfetski/) * (@colfetski) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7025911) * Hi CCTO, yes we’ve removed the malware. But it takes Google 72 hours to review the site and they have not given it the “all-clear” yet. * But this may or may not have anything to do with the 403 error that is returned when you go beyond this warning to the actual site. * At present, there will be no 403 error, because I’ve deleted all WP-Security’s code that it puts into the .htaccess file… * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7025985) * [@colfetski](https://wordpress.org/support/users/colfetski/) * Disable any enabled setting one after another in the System Tweaks section of the iTSec plugin Settings page. * dwinden * Thread Starter [colfetski](https://wordpress.org/support/users/colfetski/) * (@colfetski) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7026043) * Thanks [@dwinden](https://wordpress.org/support/users/dwinden/) * I found that the offending setting is “Enable HackRepair.com’s blacklist feature” * For some reason this causes the 403 Forbidden error. So this makes me wonder, is my IP Address somehow on the hackrepair blacklist? Or my server’s IP? I don’t really understand how it works exactly. * It’s working, and that’s the main thing. But I am left wondering why this causes an issue on this site and none of our other wordpress sites? * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7026057) * [@colfetski](https://wordpress.org/support/users/colfetski/) * Ah right, that setting would have been my next choice to disable … * There are a LOT of rules added to the .htaccess file by the HackRepair.com’s blacklist setting. * These rules are basically filtering out requests from bad User Agents and/or some known bad HTTP referrers. * You would have to identify the exact line that causes the 403 in order to get an answer to your question. * And as to why this feature only seems to affect this particular site I noticed the web server used for this site is probably LiteSpeed. Perhaps that is the differentiator. * dwinden * Thread Starter [colfetski](https://wordpress.org/support/users/colfetski/) * (@colfetski) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7026064) * Thanks [@dwinden](https://wordpress.org/support/users/dwinden/) * I don’t think that LiteSpeed is the issue, as many of our sites run on that. * We’ll have to go on a fishing expedition to work out which User Agent / Referrer is causing a hiccup and will post back here if we have any discoveries of interest. * Thanks for your help. * [dwinden](https://wordpress.org/support/users/dwinden/) * (@dwinden) * [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7026069) * [@colfetski](https://wordpress.org/support/users/colfetski/) * I didn’t think so either but I just thought I better mention it. * Good luck with the fishing 😉 * dwinden Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘403 Error’ is closed to new replies. * ![](https://ps.w.org/better-wp-security/assets/icon.svg?rev=3529351) * [Kadence Security – Password, Two Factor Authentication, and Brute Force Protection](https://wordpress.org/plugins/better-wp-security/) * [Frequently Asked Questions](https://wordpress.org/plugins/better-wp-security/#faq) * [Support Threads](https://wordpress.org/support/plugin/better-wp-security/) * [Active Topics](https://wordpress.org/support/plugin/better-wp-security/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/better-wp-security/unresolved/) * [Reviews](https://wordpress.org/support/plugin/better-wp-security/reviews/) ## Tags * [forbidden](https://wordpress.org/support/topic-tag/forbidden/) * 7 replies * 3 participants * Last reply from: [dwinden](https://wordpress.org/support/users/dwinden/) * Last activity: [10 years, 3 months ago](https://wordpress.org/support/topic/403-error-45/#post-7026069) * Status: not resolved