If you are facing this annoying error while reaching your WordPress, WHMCS or any other CMS website :
Forbidden
You don’t have permission to access /wp-admin/ on this server.
If you are facing CWP Free version and have mod_security turned on, then you probably need to disable one of its rules that generate false positives. We’ve tested this on CMS other than WordPress so if you are using any other CMS like Joomla, Magento or OpenCart, etc it might be worth trying.
Note that this tutorial is for only those using:
- CentOS WebPanel (CWP)
- Mod Security (Turned On)
- Receiving Forbidden Errors while accessing your website
First, try restarting CWP Services. It might fix the issue. There are multiple ways to do it. However, in this blog we will be considering two:
- Run service cwpsrv restart using SSH
OR
- Navigate to CWP Dashboard and scroll down to the Process section. Click on Restart CWP Services
If restarting CWP Services doesn’t help, try this:
- Navigate to Security > Mod Security
- In the Info Panel on the right, scroll down and look for Configuration Files.
- Click on Disable Rules and a file
/usr/local/apache/modsecurity-owasp-old/global_disabled_rules.conf
will be loaded in the left pane. - Add these lines at the end of the file:
##Manual WP##
SecRuleRemoveById 981172
SecRuleRemoveById 958057
SecRuleRemoveById 950911
SecRuleRemoveById 981317
SecRuleRemoveById 958049
SecRuleRemoveById 973302
SecRuleRemoveById 973306
SecRuleRemoveById 973314
SecRuleRemoveById 973322
SecRuleRemoveById 973348
SecRuleRemoveById 973344
SecRuleRemoveById 973332 - and then Click Save
- After saving the file click on Restart Apache in the Info Panel on the Right
Voila! the forbidden error is now gone.
If this guide didn’t leave you with the answers you needed, let us help! You can drop a comment or open a ticket, and we’ll respond with alternative solutions. Together, we’ll make sure you get the support and guidance needed to move forward. Don’t hesitate to reach out – We’re here to help!
Be First to Comment