The 403 Forbidden HTTP status code indicates that the client was able to communicate with the server, but the server doesn't let the user access what was requested.
An example of descriptive English text that can often accompany such a response is You don't have permission to access /foo on this server.
This response may indicate a resource that requires authentication, such as basic access authentication or digest access authentication through the Authorization request header, or some other form of authentication which is managed through user scripts in a programming language such as PHP. However, this use is incorrect, as the HTTP specification states that 403 should only be used when authorization will not help. The 401 Unauthorized code is a better choice for this situation.
This response is returned by the Apache web server when directory listings have been turned off. Microsoft IIS responds in the same way when Active Directory listings are denied.
See also
|
