Why Is My New (or Migrated) Website Giving a 403 Error?

One of our great customers using Gibbon LMS to manage their school's information, update student records, and check on a class schedule recently started seeing “403 Forbidden” errors on their website.

Simple tasks started taking forever, and often they found themselves having to refresh the page just to keep working.

Of course this was frustrating, and it feels like their school's most important tool was broken.

The Mystery of the 403 "Client Denied" Error

In our experience, this often points to one specific file: the .htaccess file. As you know, this is where you set the rules for your website. A quick look at the website log immediately showed that the Gibbon software was using old set of rules that the server hosting the LMS doesn't understand.

Our servers runs on a modern version of Apache (2.4), which is fast and secure. Turned out that the Gibbon software's rule file (.htaccess) was using old commands like Order Allow,Deny, but the modern server only understands Require all granted. When the server sees the old rule, it gets confused and just denies access, giving them a 403 error.

How to Fix the 403 Error

This 403 Forbidden error is extremely common and not limited to just one application. We see it weekly with WordPress, Joomla, Gibbon, and many other CMS/LMS applications, especially after a migration or a new Softaculous installation.

In short, you are seeing a direct conflict between an old application file and a new server environment. Here is a simple diagnostic you can try. If you feel uncomfortable, please stop and contact our support team. We are happy to help for free.

Step 1: Diagnose the Problem

1. Log in to your cPanel.
2. Go to File Manager and navigate to your application's folder (this is usually /public_html/ or a folder inside it).
3. Find the file named .htaccess. Note: This is a hidden file. You may need to click "Settings" in the top-right of File Manager and check "Show Hidden Files (dotfiles)".
4. Right-click the .htaccess file and rename it to .htaccess.bak. This disables the file, like taking the old map out of the car.
5. Now, go back to your website and try to do the things that were causing the 403 error.

If the error is gone, we've found the culprit! But you are not done.

That file also contained important rules for your site's security and permalinks (pretty URLs). Running without it isn't safe and will likely break your site's links.

Finding and Editing .htaccess via SSH

While the cPanel File Manager is excellent for quick edits, advanced users often prefer the speed and power of the command line (SSH). This guide outlines the best practices for finding, backing up, and editing your .htaccess files using vim.

Warning: These commands are powerful. A single typo in an .htaccess file can bring your entire website down (a 500 Internal Server Error). Proceed with caution.

Step 1: Log in via SSH and Find All .htaccess Files

First, log in to your account via SSH. Your cPanel username and domain will be required. Once logged in, you might want to find every .htaccess file on your account. The find command is perfect for this.

            # Replace '$cpanel_username' with your actual cPanel username
            find /home/$cpanel_username -name ".htaccess"
            

This will list the full path to every .htaccess file, helping you locate the correct one to edit (it's usually the one in /public_html/).

Step 2: Best Practice: Back Up Before Editing

Never edit an .htaccess file without making a backup first. This allows you to restore your site instantly if you make a mistake.

Navigate to the correct directory (e.g., cd /home/$cpanel_username/public_html) and use the cp (copy) command.

            # Navigate to the file's directory
            cd /home/$cpanel_username/public_html
                    

            # Option 1: Create a simple .bak file
            cp .htaccess .htaccess.bak
                    

            # Option 2 (Recommended): Create a timestamped backup
            # This creates a file like: .htaccess-2025-11-03
            cp .htaccess .htaccess-$(date +%F)
            

Step 3: Edit the File with vim

Now you are ready to edit the file using vim. Open the file by typing:

            vim .htaccess
            

You are now in vim's **Normal Mode**. You cannot type text yet. Follow these key commands:

• Press i to enter Insert Mode. You can now use your arrow keys to move the cursor and type your changes.
• When you are finished editing, press the Esc (Escape) key to return to **Normal Mode**.

From Normal Mode, you can save and/or quit the editor. These commands are typed at the bottom of the screen, starting with a colon (:).

            :w     # 'write' (saves the file but keeps it open)
            :q     # 'quit' (closes vim, will fail if you have unsaved changes)
            :wq    # 'write and quit' (saves and closes the file, most common)
            :q!    # 'quit and discard' (closes vim and discards all changes)
            

Best Practice: Verify and Recover from Errors

The moment you save your file (:wq), your changes are live. Immediately open your website in a new browser tab or an incognito window and refresh it. If it loads, your edit was successful.

If you see a 500 Internal Server Error: You made a syntax error. Don't panic. Go back to your terminal and immediately restore your backup. This will bring your site back online instantly.

            # If your site breaks, run these commands IMMEDIATELY:
                    

        
            # 1. Rename the broken file so it's out of the way
            mv .htaccess .htaccess.broken
                    

            # 2. Restore your backup (use the correct backup name)
            mv .htaccess.bak .htaccess
            

What About "Background Processing" & 'exec()' Errors?

You may have also mentioned issues with "background processing" or seen errors about exec() being disabled. This is a separate issue from the 403 errors.

• What is `exec()`? Imagine exec() is a special key that lets your website run mini-programs in the background (like sending mass emails or running complex reports).
• Why is it disabled? On shared hosting (which is like living in an apartment building), we can't give out that key to everyone. It's a major security risk. If one person used it incorrectly, it could affect everyone in the building.

For budget-friendly shared hosting, this function must stay disabled for your protection. This means your only solution for this specific feature is to move to a private server.

The Best Solution for Gibbon LMS

A VPS (Virtual Private Server) is the ultimate solution for a powerful application like Gibbon LMS. If shared hosting is an apartment, a VPS is your own private house. You get your own keys, your own resources, and the freedom to enable exec() safely.

This is the best path forward if your school is growing. We have several powerful, affordable options:

• CloudLinux VPS: The ultimate upgrade for security and performance.
• Scalable Cloud VPS: High-speed servers for websites that need extra power.
• Amazon Lightsail: An all-in-one powerhouse on Amazon's fast, secure network.

Hosting Your School With Us Gives You Peace of Mind

We know this is technical and stressful. Our goal is to take that stress away. As official cPanel Partners, we manage the technology so you can focus on your school. When you host with us, you are always protected by:

• Automatic Backups for total peace of mind.
• Free Migration Assistance to move your site to a new plan for free.
• A Full Security Suite, including Free DDoS Protection, Firewalls, and Free SSL/TLS Certificates.
• 24/7 Expert Support from a team that understands these issues and is ready to help.
• Always-On Uptime Monitoring so we know about problems before you do.

And You Don't Have to Do This Alone

Technical problems are frustrating, but you don't have to be a tech expert to solve them. You have a partner in WebHostingM.

Please contact our team for a free, no-pressure consultation. We'll look at your site, explain your options in plain English, and help you make the best choice for your school and your budget.