Forbidden
You don’t have permission to access /wp-admin/ on this server.
If you are facing CWP Free version and have mod_security turned on, then you probably need to disable one of if its rules that generate false positive. I’ve tested this on CMS other than WordPress so if you are using any other CMS like Joomla, Magento or OpenCart, etc it might be worth trying.
Be advised that this tutorial is for only those who are using the following:
- CentOS WebPanel (CWP)
- Mod Security (Turned On)
- Receiving Forbidden Errors while accessing your website
First Off, try restarting CWP Services. It might fix the issue. There are multiple ways to do that, but I’m going to mention two:
- Run
service cwpsrv restart
using SSH
OR
- Navigate to CWP Dashboard and scroll down to the Process section. Click on Restart CWP Services
If restarting CWP Services doesn’t help, try this solution:
- Navigate to Security > Mod Security
- In the Info Panel on the right, scroll down and look for Configuration Files.
- Click on Disable Rules and a file
/usr/local/apache/modsecurity-owasp-old/global_disabled_rules.conf
will be loaded in the left pane.
- Add these lines at the end of the file:
##Manual WP##
SecRuleRemoveById 981172
SecRuleRemoveById 958057
SecRuleRemoveById 950911
SecRuleRemoveById 981317
SecRuleRemoveById 958049
SecRuleRemoveById 973302
SecRuleRemoveById 973306
SecRuleRemoveById 973314
SecRuleRemoveById 973322
SecRuleRemoveById 973348
SecRuleRemoveById 973344
SecRuleRemoveById 973332 - and then Click Save
- After saving the file click on Restart Apache in the Info Panel on the Right
Voila! the forbidden error is now gone.
If you are still facing issues and the above guide didn’t help, you can either drop a comment or open a ticket to ask me for help.