Error 403: Forbidden

whenever i try to use the domain i bought (yifanyang.ca) i get back a 403 error: “Forbidden You don’t have permission to access / on this server.”. I already set up the nameservers and it has been more than 24 hours since i updated the nameservers. Everything works fine if I use the domain netlify provided me with: yifanyang.netlify.com

1 Like

Sorry I cant help, but Im having the same issue. :confused:

Did you find a solution somewhere?

Hi, @YifanYang2000. I’m showing that the this domain is using both Netlify DNS and other DNS service:

$ whois yifanyang.ca | grep "Name Server"
Name Server: dns1.p08.nsone.net
Name Server: dns2.p08.nsone.net
Name Server: dns3.p08.nsone.net
Name Server: dns4.p08.nsone.net
Name Server: ns1.domain.com
Name Server: ns2.domain.com
Name Server: dns1.p08.nsone.net
Name Server: dns2.p08.nsone.net
Name Server: dns3.p08.nsone.net
Name Server: dns4.p08.nsone.net
Name Server: ns1.domain.com
Name Server: ns2.domain.com

So, what you see will be affected by which name server answer, Netlify’s or the other service. If I ask one of the Netlify controlled DNS reservers, I get an IP address controlled by Netlify:

$ dig @dns4.p08.nsone.net yifanyang.ca A +noall +answer

; <<>> DiG 9.10.6 <<>> @dns4.p08.nsone.net yifanyang.ca A +noall +answer
; (1 server found)
;; global options: +cmd
yifanyang.ca.		20	IN	A	167.172.221.254

However, if I ask the other DNS service, I get an IP address not controlled by Netlify:

$ dig @ns1.domain.com yifanyang.ca A +noall +answer

; <<>> DiG 9.10.6 <<>> @ns1.domain.com yifanyang.ca A +noall +answer
; (1 server found)
;; global options: +cmd
yifanyang.ca.		3600	IN	A	66.96.162.139

Please remove the other name servers which are not part of the Netlify DNS service to resolve this.

Alternately, if you don’t want to use Netlify DNS, you can still point the custom domain to your Netlify site. To do this, delete the Netlify DNS configuration, remove our NS records for that domain at the registrar, and then use the external DNS instructions below instead:

If there are other questions about this, please let us know.

Hi, @Maxim, and welcome to our Netlify community site. What is the domain name not working for you with your Netlify site?

If you would prefer to send that by private message (PM), I’ve enabled that for your user. Please keep in mind that PMs get much slower replies than public messages as I will be the only person to see it (as opposed to the whole support team).

Hey @luke thanks for the answer :slightly_smiling_face:

It´s working now, I have no clue what fixed it but yeah… :smile:

The problem I had was that my custom domain maximgehricke.com gave a 403 forbidden error, while the maximgehricke.netlify.com worked fine.

If you know what could have caused this it would be nice to know, otherwise i´d say case closed
:slightly_smiling_face:

1 Like

Hi, @Maxim. I don’t see our CDN serving any 403 responses for this custom domain in the last 30 days.

My best guess is that there were delays in the changes to DNS settings due to the time to live (TTL) values in the previous DNS records. This would mean that the domain was pointing somewhere other than Netlify and that the 403 was coming some other system (meaning not a Netlify system). When the TTLs expired the new records started working and the issue was resolved. Again, this is just my best guess.

1 Like

Hello! I have the same issue for
https://technicalpurple.com/

https://friendly-muffin-db3956.netlify.app/

Hi, @aeskt. You seem to have two IP addresses configured for the apex domain:

technicalpurple.com.	3600	IN	A	75.2.60.5
technicalpurple.com.	3600	IN	A	66.96.162.148

The second DNS record above (for 66.96.162.148) is not pointing to Netlify.

Netlify returns a 200 response:

$ curl --compressed -svo /dev/null --resolve technicalpurple.com:443:75.2.60.5 https://technicalpurple.com/  2>&1 | egrep '^< '
< HTTP/2 200
< age: 15
< cache-control: public, max-age=0, must-revalidate
< content-encoding: gzip
< content-type: text/html; charset=UTF-8
< date: Thu, 19 May 2022 03:01:36 GMT
< etag: "cebd6fb86adcae00ca28d9f77ab6c3d6-ssl-df"
< server: Netlify
< strict-transport-security: max-age=31536000
< vary: Accept-Encoding
< x-nf-request-id: 01G3D47CQMQ3HEJM9V9TH0GKDK
< content-length: 53645
<

The other IP address returns a 403:

$ curl --compressed -svo /dev/null --resolve technicalpurple.com:443:66.96.162.148 https://technicalpurple.com/  2>&1 | egrep '^< '
< HTTP/1.1 403 Forbidden
< Date: Thu, 19 May 2022 03:01:58 GMT
< Content-Type: text/html; charset=iso-8859-1
< Content-Length: 209
< Connection: keep-alive
< Server: Apache/2
< Age: 0
<

If you delete the second A record for 66.96.162.148` the issue should be resolved.

Amazing, I learned something more from your responses and commands examples.
Thank you

1 Like

Hello , i have same problem too , can you help me ? I tried everything you write here for solving but still i have same problem , when i and my friends (for test) enter my site sometimes we get

Forbidden You don’t have permission to access / on this server.

this error and sometimes everything is ok , now i get “This site can’t be reached” error too

celebrated-pithivier-3935d9.netlify.app

Hi,

This appears to work fine.

1 Like

Hi, I have a similar problem after pointing directly to netlify’s name servers
The domain is (anushotit.com)
I have checked the name servers with the “whois” command and they point only to netlify and I keep getting the 403 Forbidden error

Hey @Olumurewa

I suspect this issue was due to DNS still propagating. anushotit.com loads fine for me. Are you still experiencing this issue?

Yes I am still experiencing the same issue.

I don’t believe that error is coming from Netlify.

It appears you are accessing the site from inside WhatsApp, is that correct? Have you tried accessing it via a browser normally, or another device?

I have tried and this is the screenshot

This is what I see @Olumurewa

% curl --compressed -svo /dev/null --resolve anushotit.com:443:75.2.60.5 https://anushotit.com/  2>&1 | egrep '^< '
< HTTP/2 301
< age: 4638
< cache-control: public, max-age=0, must-revalidate
< content-type: text/plain
< date: Fri, 26 Aug 2022 21:31:49 GMT
< location: https://www.anushotit.com/
< server: Netlify
< strict-transport-security: max-age=31536000
< x-nf-request-id: 01GBE5GGGE330YHQ1WGSV4NNHV
< content-length: 41
<

And

% curl --compressed -svo /dev/null --resolve www.anushotit.com:443:75.2.60.5 https://www.anushotit.com/  2>&1 | egrep '^< '
< HTTP/2 200
< age: 4682
< cache-control: public, max-age=0, must-revalidate
< content-type: text/html; charset=UTF-8
< date: Fri, 26 Aug 2022 21:31:50 GMT
< etag: "c7bacd606edb327aa690aab3720c7ddc-ssl"
< server: Netlify
< strict-transport-security: max-age=31536000
< x-nf-request-id: 01GBE5HV0AHKG9XXEAP4F39M04
< content-length: 732
<

This clearly shows the site is served by Netlify.

I suggest there is an issue with the DNS you are using, either locally or somewhere on the network. This is nothing to do with Netlify.

Thank you. I am really impressed withthe response times :netliheart:

hello Olumurewa,

the site may be blocked or cached from the whatsapp in-app browser. After curling the URL, the site comes up:

curl -IL  anushotit.com
HTTP/1.1 301 Moved Permanently
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 37
Content-Type: text/plain
Date: Sat, 27 Aug 2022 08:23:08 GMT
Location: https://anushotit.com/
Server: Netlify
X-Nf-Request-Id: 01GBF6BHNJHTXHZSQ4V2CEEC2S

HTTP/2 301
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Sat, 27 Aug 2022 08:23:08 GMT
location: https://www.anushotit.com/
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GBF6BHZXVW0N052YBWBQ6C6G
content-length: 41

HTTP/2 200
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 08:23:08 GMT
etag: "bed4ebeae776323d1575270c39c99e50-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GBF6BJCCHBT9MA7TQGM0EA5E
content-length: 732

Please try a different browser.

Hey I have been having the same issue. It has been more than 24 hours. The sites link is herfazy.com. I don’t know what to do or if the problem is from the domain name or the host (I use an external domain name)