Redirected to InfinityFree 403 Forbidden page

While working on your website, you may be redirected to the InfinityFree 403 error page. This article explains why this can happen, and what you can do to solve it.

The URL contains a blocked file or folder name

The “chat” keyword

Live chat scripts are not allowed on InfinityFree hosting. Chat scripts work by constantly refreshing the page in the background. These background refreshes generates excessive server load, which is why we cannot host them. You are free to use live chat on your website though, but you will have to use an externally hosted chat system to handle the messages.

To enforce this, the chat keyword is blocked on our servers. If you try to access any URL with chat in it, you’ll get a 403 Forbidden page. For example,, will all result in a 403 error.

To fix this, you can rename the file or folder to anything else (like talk, message, conversation or whatever else you want).

Please do note that live chat scripts are banned completely, and being able to work around this block doesn’t mean it’s OK to host a live chat script with us.

The includes folder

For security reasons, all files in a folder includes are blocked. This includes URLs like or

The idea behind this is that includes means that the folder contains scripts meant to be loaded into other scripts with PHP include (or require). Scripts like that are generally not meant to be accessed directly.

The fix for this is simple: do not use the folder name includes for anything that’s supposed to be accessed by browser. Instead, put such pages in a folder pages, functions, actions or a folder with any other name.

Your site blocks access from your IP address

With .htaccess rules, it’s possible to selectively block or allow visitors based on their IP address. But using these rules, it’s also possible to lock yourself out of your site.

To do so, open a file manager or FTP connection to your site, go to the website folder and open the file .htaccess.

If there are lines starting with deny from or allow from in the file, it means IP access control is configured on your site.

If you do not want to do any IP level restriction, you can simply remove all these lines from your file.

If there is a line allow from all, you should look for any lines with deny from .... that contain your IP address.

If there is a line deny from all, then you should add a line with allow from .... that contains your IP address.

Website displaying 403 instead of my web page
How to resolve the 403 Forbidden Error?
Why I have Error 403 in my chat page but on other pages it works well
My sub domain returns error 403
Chat.php not working
CORS Policy blocked page
403 Forbidden - Server or website configuration is blocking you from viewing this page
403 "Forbidden" error despite not using "include/require?"
Error 110 smtp help
Hosting Website 403 Access denied
403 forbidden error
403 Forbidden
403 Forbidden
Background video not showing
JavaScript and mysql
PHP File Not Found
403 Error
Php just make communiction with database but infinity alarm 403 Forbidden
Error-Report: Access denied for user 'epiz_xxx'@'192.168.0.%' to database 'epiz_xxx_xxx'
404 problem
403 Forbidden Error (HELP PLS)
Server or website configuration is blocking you from viewing this page
CORS Policy Annoying Errors
Site not working - forbidden 403
Php file not working, redirecting to 403 error page
403 Forbidden
I got 403 forbidden for post
Error 304
403 Forbidden
CORS error
403 Access denied
Slims Library System not working
Fetch DELETE redirects to
Unable to access "chat" related documentation on my site
Error in WP plugin for JS locked
Website displaying 403 instead of my web page
How to put inclue file outside of htdocs?
403 Access denied for chatapp :
The style sheets do not appear on my site, everything appears in black and white, it looks bad.
I cant access my admin panel
Error 403 on some png files

I should ask to clarify, and I hope that other people have this question as well to prevent my question from being self-centered:

Why do you block folders containing the words include/require? Is this for the safety regarding people who do not understand this principle well (the principle of include/require), preventing them from accidentally harming their website?

Or is there another reason behind blocking these folders that might otherwise cause problems to people or their website (or Infinityfree)?


Good question, but one I omitted for a reason.

The reason is that I didn’t block these URLs, but iFastNet did. And I don’t know for sure when or why they did this.

My guess, based on my experience with iFastNet and how they approach things, is that there was a security problem in some popular script or CMS which placed some shared code in the includes folder, which had security problems if these scripts were accessed directly. Like exposing sensitive data, or be used for spam. And to prevent this from being abused, the decision was made to block access to the files and folders that enabled these attacks.

But I didn’t include it in the article because it’s completely unverified.


You may also want to add that errors folder is also prohibited.

The “errors” folder does not lead to a 403 error though, so it does not belong in this article.