All domains show 403 Forbidden in Plesk: You don't have permission to access

Started by Suhitha, Oct 10, 2025, 06:36 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Suhitha

Oct 10, 2025, 06:36 AM
Question: All domains show 403 Forbidden in Plesk: You don't have permission to access


Symptoms

  • All websites hosted in Plesk are not working:

Code Select
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Or, the blank page is shown instead of content.

  • The domain's error log in Domains > example.com > Dashboard > Logs contains the following:

Code Select
(13)Permission denied: /var/www/vhosts/example.com/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://example.com/
(13)Permission denied: [client 203.0.113.2:39024] AH00529: /var/www/vhosts/example.com/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/vhosts/example.com/httpdocs/' is executable

Cause

Apache service does not have proper permissions to vhost or httpdocs folder.


Resolution

Fix Apache user permissions:


                                      For Debian

  • Connect to the Plesk server via SSH
.

  • Find the username that is used by the Apache service. This username is defined in the APACHE_RUN_USER variable in /etc/apache2/envvars:

# grep APACHE_RUN_USER /etc/apache2/envvars
export APACHE_RUN_USER=www-data

  • Add that user to the psaserv group. For example, if the Apache user is www-data, you would add the user in the psaserv group as below:

# usermod -a -G psaserv www-data

  • Restart web server

# service apache2 restart


                                        For CentOS

  • Connect to the Plesk server via SSH.
  • Make sure that Apache process is executed by the apache user and group:

# egrep -R ^User\|^Group /etc/httpd/conf/httpd.conf
User apache
Group apache

# lsof /usr/sbin/httpd
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 1357 root txt REG 8,1 523608 33181 /usr/sbin/httpd
httpd 2791 apache txt REG 8,1 523608 33181 /usr/sbin/httpd

  • Set the apache user with the apache and psaserv group:

# usermod -G "apache,psaserv" apache

Code Select
Restart web server
# service httpd restart

Note: If the server is running on Proxmox VE, this configuration is not going to work as expected. Please contact Proxmox support for further assistance.

Note: It is also worth checking SELinux in case CentOS is used on the server. Set it to permissive with setenforce 0 command to check it.
Print
Go Up Pages1
User actions