How to fix NGINX 403 Forbidden

When dealing with servers and web resources, we encounter errors that we cause when performing maintenance and configurations. When you encounter such errors, you need to diagnose and fix the problem as fast as possible to avoid downtime and data loss.

This quick guide will address a common error when working with NGINX servers (403 Forbidden), its causes, and how to fix it.

What is the Nginx 403 Error?

Nginx 403 Forbidden error is a status code generated and displayed to the user when a client tries to access a part of the webserver with insufficient permissions. For example, NGINX protects directory listing and will result in an error 403.

Server Side Causes of Nginx 403 Error

Before we get started, it is good to note that the error can come from the client-side and not the server itself. We shall address the server-side errors first, then client-side errors.

Cause 1: Incorrect Index File

The very first and common cause of the NGINX 403 Forbidden error is an incorrect configuration for the index file.

The Nginx configuration file specifies which index files to load and the order in which to load them. However, if the specified index files are not in the directory, Nginx will return 403 forbidden error.

For example, the config below defines the index files and how they should be loaded

location / {
    index index.html index.htm index.html inde.php;

One way to resolve this issue is to add the index file specified in the configuration file or add the available index file to the config file.

Another way to solve this issue is to allow Nginx to list directories if the index file is unavailable. Enable this module by adding the following entry to the configuration file.

location / {
autoindex on;
autoindex_exact_size on;

NOTE: We do not recommend this method on publicly accessible servers.

For more information on how to serve static content, consider the Nginx documentation resource provided below:

Cause 2: Incorrectly set permissions

Nginx 403 forbidden error can also result from files and directories having incorrectly set permissions. For Nginx to successfully server a specific file and resource to the client, Nginx needs to have RWX—read, write and execute—permissions on the entire path.

To resolve this error, change the directories permission to 755 and the file permissions to 644. Ensure that the user running the Nginx process owns the files. For example, set user to www-data:

sudo chown -R www-data:www-data *

Finally, set the directory and file permissions as:

sudo chmod 755 {dir}
sudo chmod 644 {files}

Client-Side Cause of Error 403

As mention, at other times, the 403 error may user-caused instead of being on the server-side. To resolve such issues on the client-side, perform the following operations.

  • Ensure you are accessing the correct web location
  • Clear browser cache
  • Ensure the firewall or proxy allows you to access the web resource.


This quick guide discussed the causes of the NGIX 403 forbidden error and various ways to fix it. It is good to look at the server logs before attempting any troubleshooting methods.

About the author

John Otieno

John Otieno

My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list