Website is not accessible: 403 Forbidden AH01797: client denied by server configuration

Symptoms

• The website shows an error similar to the following one:

  CONFIG_TEXT: 403 Forbidden

• The log file /var/www/vhosts/system/example.com/logs/error_log contains errors like the following:

  CONFIG_TEXT: AH01797: client denied by server configuration: /var/www/vhosts/example.com/index.php

•  IP is being banned by Fail2Ban after browsing WordPress Admin dashboard.

Cause

Custom Apache configuration does not allow access to the website. 

Resolution

1. Login into Plesk;

2. Go to Domains > example.com > Apache & nginx Settings > Additional HTTP/HTTPS directives and add "#" sign before directives similar to the ones below:

   CONFIG_TEXT: Deny from all

   CONFIG_TEXT: <Location /example>
   Require all denied
   </Location>

   Another example - spam-bot blocker rule:

   CONFIG_TEXT: SetEnvIfNoCase User-Agent "some_bot" bad_bot
   Deny from env=bad_bot

3. Connect to the server via SSH and check if there are any .htaccess files in the domain's document root directory:

   NOTE: Replace example.com with the actual domain's name

   # find /var/www/vhosts/example.com/httpdocs/ -name ".htaccess"
   /var/www/vhosts/example.com/httpdocs/example/.htaccess
   /var/www/vhosts/example.com/httpdocs/example2/.htaccess
   /var/www/vhosts/example.com/httpdocs/.htaccess

4. Review the content of all .htaccess files with a text editor and disable restrictive settings that prevent access to the site by adding the "#" sign before "Deny" directives.

5. Check /etc/httpd/conf.d/ for custom configuration files preventing access to example.com