Fixing the 403 Forbidden Error


The ‘403-Forbidden’ error can occur while you are trying to save the content on your WordPress-based website.

Sometimes a security layer of the website can be a little overaggressive and block genuine, harmless requests.

This can happen because of server security settings, because of bad characters/patterns that trigger the firewall, or because the size of the request is too large. In any of these cases, you will see the ‘403-Forbidden’ error displayed.


Since the cause of this is almost certainly related to a security setting or a security plugin on your website blocking the request of saving your content, the solution is to white-list (to allow) the request. Doing this depends on the type and the settings of security plugins as follows:

1. WordFence

If you have installed and set up the security plugin called “WordFence” on your website, then set it to “Learning Mode” in order to resolve this issue. If you need details on how to do this, please check out this tutorial.

2. Other security plugins

If you (as a user) have installed other security plugins (that are not WordFence) on your website, you can try deactivating them, to see if this solves the error.

Note: This is only for debugging purposes, to see if deactivating the security plugin really solves the issue. You should not leave the security on your site deactivated. You are only doing this for a few minutes, to see if this is the actual problem.

In case deactivating the security plugin has indeed solved the issue, then try one of the following:

  • check the firewall rules, to see if you can set any exclusions for plugins (if so, then include the Thrive plugins there);

  • or see if you can find anything similar to a learning mode in the settings, (if so, then activate it).

If you do not find such settings or you are not familiar with them, then you should reach out to the developers of the respective security plugin. Tell them about the issue, send them the steps to replicate it, and ask them to white-list the blocked request.

3. No known security plugins or settings

If you haven’t actually installed a security plugin on your website, and you are unaware of any such security settings, then, it is best if you contact your web hosting company.

Let them know about the error you have encountered and send them the exact steps to replicate it. Since they have access to all the settings and logs, they should be able to figure out the root of the error and the solution for it as well.

In case you still encounter difficulties, after trying all of the above-mentioned troubleshooting tips, then please contact our support team by opening a support conversation here.

Hopefully, this article was useful to you. If so, please give it a smile below 🙂

Was this article helpful?

Related Articles