AH01797: client denied by server configuration

Posted August 6, 2021 1k views
WordPressDigitalOcean Droplets


Today morning i was trying to access A wordpress and a Moodle app in the dropplet, but i am receiving the 403 Forbidden error when accesing admin panel in WP and in Moodle in general. I have checked the hosts configuration files and updated with the appropiate rules, also i checked permissions on folders and files an nothing resolves the issue.

I am detecting some wierd behavior on .htaccess files, whenever i want to change the rules in the htaccess file in wordpress installation the changes are reverted, despite i disbled all plugins manually and deleted the file, it appears again and maybe one of the rules in this file is causing the forbidden error.

I was trying to do anything possible, but now i am stuck and cannot try anything else, but restore the dropplet from a backup.

Any hint would be great,

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Hello, @JuanSaudade

You can examine the Apache/Nginx error log in order to track down the source of the issue here.

Also, you can double-check the file/folder ownership and permissions and make sure that they’re correct.

The log can be accessed using the cat, tail or the less command

  • sudo tail -n 2 /var/log/apache2/error.log

Substitute the number of lines that you would like to examine in place of the number 2 in the command.

If you’re using Nginx you can use the following command:

  • tail -n 2 /var/log/nginx/error.log


  • Hi Alex,

    Thanks for the hint. I already did it, and there is the error i put here in the tittle: ‘AH01797: client denied by server configuration’. I finally dound what the problem was. The site just got hacked, and some php and .htaccess files was propagating over the /var/www folder, there was so much to clean and i couldn’t find the script generating those files. So, i had to restore the dropplet, and now i am improving security in the sites.

    I can say now this is resolved.

    • I’m glad you were able to solve the issue.

      You can also update all of your passwords and disable/delete all plugins and themes which are not currently in use. Additionally, you can enable two-factor authentication and change the wp-admin page URL.