An error on the website do not look good at all.
Certain web server errors give some details on what went wrong. Luckily, these clues help to fix things faster.
Unfortunately, Litespeed 403 forbidden error means server disallows access to the website.
At Bobcares, we resolve these type of Litespeed errors for customers as part of our Server Administration Services.
Today, we’ll see how our Support Engineers diagnose and fix the 403 forbidden error in Litespeed.
What causes Litespeed 403 forbidden error?
Firstly, let’s check the causes of Litespeed 403 forbidden error.
In simple words, 403 forbidden error means that the access to the web page is not allowed for some reason. Now, we’ll take a look on the possible reasons for the error in Litespeed web server.
1. Permission problems
For the web server to display the page in the browser, the files and folders of the website should have certain preset permissions. These files should be readable by the web server.
When wrong permissions are set on the files, Litespeed cannot read them and it will result in 403 forbidden errors.
For example, when Litespeed web server is running as user nobody, it cannot read file with 0640 permission. As a result, accessing website files in the browser will cause forbidden error.
Again, LiteSpeed has a security setting “Script Restricted Permission Mask“. This setting shows the permission mask for script files that the web server will not serve. When this is set to a value 022, server will not run PHP scripts that are group and world writable. As a result, you’ll see 403 forbidden error again.
2. Wrong Rewrite rules
Similarly, often the rewrite rules in .htaccess file also can result in 403 forbidden errors. This typically happens when customer uses wrong url formats.
Again, when the website is under attack, our Dedicated Engineers often block access temporarily by adding deny rules in .htaccess files. This again cause Litespeed 403 forbidden errors.
Yet another reason could be wrong permissions on the .htaccess file. This would again forbid the access to the website with the entries in Litespeed error log as :
2018-11-04 12:59:03.373 [ERROR] [HTAccess] Failed to open [/home/xxx/public_html/.htaccess]: Permission denied
3. Missing Litespeed PHP handlers
Litespeed supports multiple PHP versions. Each of these versions will have separate handlers too. But, at times the handlers of certain PHP version will not be added to Litespeed configuration. And, the result would be 403 forbidden error.
How to fix Litespeed 403 forbidden error?
Till now, we saw the various reasons for the Litespeed 403 forbidden error. Let’s now take a look on how our Support Engineers find the cause of forbidden error and fix it.
Just like any other web server error, we begin the troubleshooting by recreating the problem at our side. Simultaneously, we track the Litespeed server logs at /var /var/log/apache2/error_log or /usr/local/apache/logs/error_log depending on the log file location. Further, the exact fix varies with the underlying reason. We’ll now check them in detail.
1. Fixing permissions
On seeing 403 forbidden error, we ensure that the file and the folder has correct permissions. Some customers set full access, that is 777 permissions on the files. Litespeed server need the correct permissions on the files and folders. Not more, not less.
Hence, to fix the 403 error, we set the files at 644 permission and folders at 755. Again, this depends on the web server running user. Ideally, the web server user should have read access on the file.
Recently, when a customer reported 403 error in Litespeed server, the Script Restricted Permission Mask was set incorrectly as 022. Here, our Support Engineers fixed the problem by setting the mask value as 000 from Litespeed Admin Console => Configuration => Server => Security as shown below.
2. Fixing rewrite rules
Secondly, we examine the rewrite rules for the syntax errors. We then correctly add the rules as per customer requirement. Also, we set the correct 644 permissions on the .htaccess file in the website folder and make it readable by Litespeed.
3. Fixing PHP handlers
From our experience in maintaining Litespeed servers, often the solution for 403 forbidden errors lies in fixing the PHP handlers in Litespeed.
Here, we identify the PHP version used by the script and check for necessary PHP handlers in Litespeed configuration. When script uses PHP72, our Dedicated Engineers add the missing entries for PHP72 via External Apps and Script Handler option in Litespeed Admin Console. And, that makes the script working again.
[Tired of Litespeed 403 forbidden errors? Our Litespeed experts can fix it in no time.]
In short, Litespeed 403 forbidden errors happen mainly due to wrong permissions that makes the pages unreadable by web server. Today, we saw the various reasons for the error and how our Support Engineers fix it within no time.