Troubleshoot a 403

A common error that many IIS administrators encounter is the "403 - Forbidden" error.  This cryptic message erroneously leads many to believe that it's NTFS permissions related but it's not - errors related to authentication and access control are in the 401 status group.

The first step in tracking down the source of these 403 errors is to find the relevant IIS log file entries for these requests.  You need to know the sub-status code associated with the 403.  This is much the same process I described in Troubleshoot a 404.  Once you have the sub-status code, you can match it to the status and sub-status code reference in the following Microsoft knowledge base articles.  These references describe the common HTTP status codes and their likely causes.

IIS 7:

IIS 5 & 6:



  • # 403.18 - Cannot execute requested URL in the current application pool.

    Application pool not sure what they are talking about. it does work if i call the page this way.

    need a little more help. thanks

  • I have one challenging issue pending from almost 15 days on below question from our customer.

    We have website ( defined in IIS 6.0 and this site is added with around 10 hostheaders say ex:,,,,, etc... all are pointing to our shared VIP. (contains both www & non-www domains)

    Here what our customer wants is, -----should redirect to---> -----should redirect to---> -----should redirect to---> -----should redirect to---> & its aliases are now point to main site (to doc root).

    Doc root contains the contains the different folders for each country (ex: folder called /nl, /dk, /jp, etc... )

    Can anyone help to implement this on IIS part or in scripting ....

Comments have been disabled for this content.