In Magento 2, 403 forbidden issue typically arrives when trying to display WYSIWYG images that means that the webserver – nginx/apache is denying access to the images.
When you go to Magento admin editor i.e: CMS page or block, you see an image inserted via WYSIWYG shows a broken link.
If you right click on it and open in a new tab, the URL will show a 403 forbidden issue.
Also, when you try to open the WYSIWYG editor and attempt to add an image, numerous 403 forbidden errors appear in the console.
While there are several factors that are unable to display WYSIWYG images 403 forbidden issues.
Some of the common ones are:
- the web servers can not read such WYSIWYG image files/folder
- permission for the images are incorrect
- .htaccess/nginx rules are blocking access
- due to file ownership issues
Now, consider following the solution in this article to resolve it.
Unable to display WYSIWYG images(403 forbidden issue)
In most cases, this issue arises due to Nginx and Apache configurations. Implementing the changes outlined below can help resolve it.
For NGINX :
Find the below code in the NGINX configuration:
# such as .htaccess, .htpasswd, etc...
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
Replace it with the code below:
location /. { ## Disable .htaccess and other hidden files
return 404;
}
For Apache:
Find the below code:
<DirectoryMatch “^\.|\/\.”>
Order allow,deny
Deny from all
</DirectoryMatch>
You will need to allow access to which directory/folder is not accessible.
<DirectoryMatch “^\.|\/\.”>
Order allow,deny
Deny from all
</DirectoryMatch>
- The above code means deny all the directories starting with dot.
<DirectoryMatch “/.OtherDirName”>
Order allow,deny
Allow from all
</DirectoryMatch>
Here, instead of OtherDirName – add the directory for which you need to allow access. I.e: .thumb
That’s all.
Implementing this change resolved the issue for you.
