«

»

Jan 02 2013

Print this Post

Resolving IIS 403 Forbidden: Access is denied

You do not have permission to view this directory or page using the credentials that you supplied.

Every time IIS (Internet Information Services) is given a folder to access with information on a website, the 403 error page will appear if the right permissions are not given to the folder. It is a simple fix, but I don’t know why Microsoft hasn’t posted a proper answer on their KB, MSDN or their other support forums on this issue.

If you have just created an HTTP/HTTPS site on IIS 7/8 (may be true for other IIS installs as well), you need to assign IIS_IUSRS security permissions to your assigned web folder. To do that,

    1. Right click on the folder (the folder you assigned for web access in IIS)
    2. Choose “Properties” (or “Edit Permissions” if you right clicked while inside the IIS window)
    IIS8_folder_right
    3. Go to “Security” tab
    IIS8_folder_security
    4. In the top box, “Group or user names”, open “Edit…” (will take you to Permissions window)
    IIS8_folder_add_per
    5. You will most likely cannot fine IIS_IUSRS in the list; open, “Add..”
    6. In the box at the very bottom, “Enter the object names to select (examples):” enter IIS_IUSRS
    7. Click OK and make sure in the Permissions window, you have allowed, Read & execute, List folder contents and Read

In a nutshell;
Right click -> Properties/Edit Permissions -> Security (TAB) -> Edit (under Group or user names) -> Add (IIS_IUSRS) -> OK (make sure the right permissions described in steps 7 are there)

Permanent link to this article: http://sanuja.com/blog/resolving-iis-403-forbidden-access-is-denied