Reputation: 113
Wordpress 403/404 Errors: You don't have permission to access /wp-admin/themes.php on this server
Some background:
I set up six blogs this week, all using WordPress 2.92, installed with Fantastico on a baby Croc plan with HostGator.
I used the same theme (heatmap 2.5.4) and plugins for each blog.
They were all up and running, with no issues at all.
I went to create a new blog this morning, using the same setup, and when I try to change the theme settings, I got the following error:
Forbidden
You don't have permission to access /wp-admin/themes.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/0.9.8n DAV/2 mod_fcgid/2.3.5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at http://www.example.com Port 80
I tried uninstalling WP and doing a clean install, but I still had the same issue with a clean installation.
So I went back and checked the six other blogs that I had set up over the last week or so, and they are also now giving me 403 or 404 errors when trying to change theme settings, and every time there's an error it points to either themes.php or functions.php
At this point, I'm at my wit's end trying to figure out what the problem is. Hostgator support looked at it and thought maybe it was a permissions issue but they reset those and I'm still having the problem.
At first, I thought the problem might have been related to a plugin I recently installed on the previous six blogs that morning (ByREV Fix Missed Schedule Plugin) to deal with a missed schedule bug with WP 2.92, and that maybe that had mucked things up. But then I checked a blog I built months ago, which also uses the same theme and plugins, and now it is also encountering the same problem.
Any ideas? I tried deleting my htaccess, uploading a blank one, and uploading one with this snippet I found on the hostgator forum:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Nothing has worked. I still get 403 or 404 errors every time. Everything was working perfectly yesterday so I know this setup DOES WORK, I've just mucked something up somewhere and I'm clueless about what it is.
I read a related thread here and tried chmoding the wp-content folder to 0755 and still having the issue.
Any thoughts? Thanks!
Upvotes: 9
Views: 145810
Answers (9)
Reputation: 1872
Try to disable ModSecurity from your cPanel. Log into your cPanel. Find the category "Security". There you can find ModSecurity link.Click on it and disable it for the domain you are facing the 403 error.
Some 403 errors can be solved by this method too. Go to the wordpress dashboard, settings>permalink and just click save.
Hope this helped. :)
Upvotes: 0
Reputation: 12932
I had the same problem, but nothing above worked...try a really simple solution...
Back up your .htaccess file. Delete it from your root directory. Then try accessing those directories. Its likely that whatever rewrite conditions you had in your file were causing those access issues. The index page should be picked up automatically on most hosts. :P
Upvotes: 0
Reputation: 2925
A few years late, but I have a solution for the most recent version of WordPress, which has this same issue (WordPress-generated .htaccess files break sites, reuslting in 403 Forbidden error messages). Here's that it looks like when WordPress creates it:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
The problem is that the conditional doesn't work. It doesn't work because the module it's looking for isn't .c, it's .so. I think this is a platform-specific, or configuration-specific issue, where Mac OS and Lunix Apache installations are set up for .so AKA 'shared-object' modules. Looking for a .c module shouldn't break the conditional, I think that's a bug, but it's the issue.
Simply change the mod_rewrite.c to mod_rewrite.so and you're all set to go!
# BEGIN WordPress
<IfModule mod_rewrite.so>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Upvotes: 21
Reputation: 31
We found the asnwer of at techieshelp..its the htaccess thats the issue...
Upvotes: 3
Reputation: 1
Hopefully people will find this answer as there are many, many posts about this on the web. Many people suggested it was an .htaccess problem, and for me it was. However, I had been looking in the .htaccess in the root, not in the .htaccess in the wp-admin folder. Normally, I work on this site in particular through terminal services, so when it booted me and I couldn't log back in, I was trying to access it from my home computer (and it's IP).
Silly me forgot the IP restriction I had placed in the wp-admin .htaccess file.
AuthName "Protected"
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 11.11.11.11
</Limit>
If you have something like this in your wp-admin .htaccess files, that would easily explain why all the sites you work on ceased to function at the same time. Internet providers occasionally rotate IPs so that nobody is running a server from home without paying for it.
Upvotes: 0
Reputation: 113
Just to follow up, problem solved! I mentioned mod_sec settings for my server as being the possible culprit as suggested and they were able to fix this issue. Here's what the tech agent said to tell them when you go to support:
Just let them know you need the rule 340163 whitelisted for domain.com as its hitting a mod_sec rule.
Apparently you will need to do this for each domain that is having the issue, but it works. Thanks for all the suggestions everyone!
Upvotes: 2
Reputation: 11
You're in luck bud...I had the same issue but had more tech knowledge on the matter and was able to determine that it was a mod_sec issue that hostgator has to fix/whitelist on their own. You cannot do it yourself. Simply ask the hostgator tech to check mod_sec settings on your server.
Enjoy your fixed issue ;D
Upvotes: 1
Reputation: 17561
The first error you're getting - permissions - is the most indicative. Bump wp-content and wp-admin to 777 and try it, and if it works, then change them both back to 755 and see if it still works. What are you using to change folder permissions? An FTP client?
Upvotes: 0
Reputation: 39939
Did you try:
<Directory /path/to/your/wp-admin>
Order allow,deny
Allow from all
</Directory>
Upvotes: 0
Related Questions
- How to solve 403 forbidden error in wordpress?
- Wordpress 403 Forbidden Error
- Wordpress index.php 403 Forbidden
- how to solve 403 - Forbidden in wordpress?
- Wordpress 403 Forbidden "You don't have permission to access / on this server."
- Can't install wordpress 403 ! Access forbidden
- Forbidden when accessing the wordpress admin panel
- Why I obtain this 403 Forbidden error when I try to access to this WordPress website? Why it can't read the .htaccess file?
- Unable to access wp-admin
- wp-admin and wp-login.php - 404 error for those who do not administrator (wordpress + htaccess)