PHP cURL 403 forbidden error

Are you trying to resolve PHP curl 403 forbidden error?

This guide is for you.

The HTTP 403 Forbidden client error status response code indicates that the server understood the request but refuses to authorize it. This status is similar to 401 , but in this case, re-authenticating will make no difference.

Many of our customers approach us with this curl error. this error occurs due to syntax errors in code and mod-security.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to fix PHP related errors.

In this context, we shall look into the different reasons why 403 forbidden error occurs and their respective fixes.

How to fix PHP curl 403 forbidden ?

1. Syntax errors lead to 403 forbidden error

Recently, one of our customers approached us with this error. 

He tried to execute the following code to download the file using a PHP curl script.

/* gets the data from a URL */
function get_data($url) {
$ch = curl_init();
$timeout = 5;
curl_setopt($ch, CURLOPT_URL, $url);
return $data;

So, we rewrote the code section “function get_data($url) {” as likewise:

$returned_content = get_data('https://(website url name)');

Also, we add this User-Agent with the code.

$userAgent = 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)';
curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);

This resolved the PHP curl error for him.

2. mod_security issues causing PHP cURL 403 error

In another case, we had a customer who approached us with the same error after he submitting forms that contain PHP curl.

On investigating, we found that mod_security was enabled.

The mod_security feature scans all POST requests to the web site for forbidden words that might indicate that someone is trying to hack the system.

If this feature conflicts then the Apache will end up throwing an error message.

In order to disable ‘mod_security’ for the website, we go to ‘document root’ of the website. Then we open the .htaccess file.

After that, we add the below code in it.

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off

Finally, we save the file.

3. Incorrect coding issue

Coding errors can also cause curl errors.

Here is an example, where our customer was trying to access the site with authentication.

He used the below incorrect code and received 403 forbidden error.

HTTP/1.1 403 Forbidden
content Type; Text/plain
date: wed 27 jan 2021 14:40:19 GMT

The credentials he was using were correct but still was unable to access the site with authentication.

However, Our Support Experts found a solution to this error:

It requires a csrt token (on a page with a form that wants to protect, the server would generate a random string) to log in.

Here, the customer didn’t provide a code to retrieve/post one.

So, we added the below syntax with the code,

curl_setopt($ch, CURLOPT_USERPWD, $username . ":" . $password);

Finally, this fixed the problem.

[Need urgent assistance with curl errors? – We are here to help you. ]


This article will guide you on different methods to fix #PHP #curl #error which can occur due to syntax errors, mod_security issues, and also due to incorrect coding issues. A 403 #error indicates that the user cannot access certain web pages. It is a generic error that says: "You do not have permission to view this page". 

The "Access Denied" error appears when your Mozilla Firefox browser uses a different proxy settings or VPN instead of what's really set on your Windows 10 PC. Thus, when a #website detected that there is something wrong with your browser cookies or your network, it blocks you which is why you can't open it.Typically, the error is caused by an issue with the #URL or with cached files within the browser.

To fix 403 #forbidden:

1. What is a 403 Forbidden Error?

2. Refresh the Page.

3. Double Check the Address.

4. Clear Your Browser Cookies and Cache.

5. Check if You Have Permission to Access the URL.