403 Forbidden Error - Stumped!

Hello folks,

OK - so on my little server, I'm running MPM Event on my happy little Apache version latest, and PHP 7 only. Now - recently, we popped on Mod_Security, with the OWASP rules.

Somewhere, a couple of my wordpress domains decided to start a revolt, and they're throwing 403 Forbidden Errors:
You don't have permission to access / on this server.
Server unable to read htaccess file, denying access to be safe

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Here's what I've tried.

I've checked the .htaccess. from previous experience the changes done by defender sometimes gets its knickers in knots, and then it doesn't want to play with me. So I've reset the .htaccess to default basic "let's call wordpress".

I've also added the code to make Mod_Sec LEAVE THE DOMAIN ALONE, and i've disabled it in cpanel.

I've checked ALL the file and folder permissions, and there's no other .htaccess beyond the public_html to fiddle with access to the domain.

i'm frigging stumped.

i'd have loved to give you support access, but.... i kenna get into the site, sir. it is a calamitous mess.

lastly - i've renamed the plugins folder to plugins_whatever, and created a blank, new, spritely plugins folder to unconfuse any plugins...

i can get into cpanel though.

oh - i've set the mod_sec logging to verbose and snippy, and looked for the rule firing to block access to those domains. however. there's lots of other triggers on other domains that i can access, but the 2 problematic domains don't seem to be activating ANY rules...

here's the link to the code i use to attempt to identify the rule...

any ideas?

  • Predrag Dubajic
    • Support

    Hey Symi,

    I see that you already tried the most common things for this kind of situation so I'm also kinda lost here.

    Could you provide us with cPanel access so I could check with our second level support dev guys to have a look at it?

    You can send us your details using our contact form https://premium.wpmudev.org/contact/ and the template below:

    IMPORTANT: Make sure you select "I have a different question" for your topic so it doesn't go back to forums - this and the subject line ensure that it gets assigned to me.

    Subject: "Attn: Predrag Dubajic"
    - Site login url
    - WordPress admin username
    - WordPress admin password
    - cPanel credentials (host/username/password)
    - Link back to this thread for reference
    - Any other relevant urls

    Best regards,

  • Symi
    • The Crimson Coder

    I founded it!

    That's because the public_html directory's group was set to the users when it needed to be set to nobody.

    Predrag - thanks for jumping in there.

    the command to fix this is:
    (for posterity)

    From INSIDE the UserName Folder:
    # /home/username # chown username.nobody public_html/


Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.