403 – Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied

I have my website. First time I can successfully login.

Default address:


I typed this on browser and I redirected to my login page:

I entered my login credential and log into the site.

After some time I opened a new tab and enter my website address


Now it gives me an error:

403 – Forbidden: Access is denied.
You do not have permission to view this directory or page using
the credentials that you supplied.

The whole story is this: if I am not logged on my site, then I can open my site number of tabs and browsers. But as soon as I logged in my site, I am getting the error above.

 <authentication mode="Forms">
  <forms name="MMFormAUTH" loginUrl="Pages/LandingPage.aspx" defaultUrl="Pages/LandingPage.aspx" timeout="60" protection="All" slidingExpiration="true" enableCrossAppRedirects="false" requireSSL="false" />
  <deny users="?" />
<sessionState cookieless="false" cookieName="abc" mode="InProc" timeout="60">
<httpRuntime maxRequestLength="1000240" executionTimeout="120" />


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Try this

 <allow  users="?" />

Now you are using <deny users="?" /> that means you are not allowing authenticated user to use your site.

authorization Element

Method 2

I had the same problem. It turned out that I didn’t specify a default page and I didn’t have any page that is named after the default page convention (default.html, defult.aspx etc). As a result, ASP.NET doesn’t allow the user to browse the directory (not a problem in Visual Studio built-in web server that allows you to view the directory) and shows the error message. To fix it, I added one default page in Web.Config and it worked.

            <add value="myDefault.aspx"/>

Method 3

You can get the same error in Asp.net MVC5 if you have a class name and a folder with a matching name
Example : If you have class lands where when you want to see view/lands/index.cshtml file, if you also have a folder with name ‘lands’ you get the error as it first try the lands folder

Method 4

Resolution for 404 Forbidden in recent .Net 4.7 MVC/webform pplication hosting in Azure VM
We need to install the .Net 4.7 and extensibilty and development in server role other than the .Net 4.7/version feature as below:
This might have been alreday activated
.Net Activated feature

We need to also add the below under IIS webserver role-> Application Development -> select the .Net version as below
Image to Activate the requited Role under IIS webserver Role
Server Role Activation under application Development

Method 5

If your using MVC in your project you must use:


More here.

ASP.NET MVC not serving default document

Method 6

In my case, the issue was new sites had an implicit deny of all IP addresses unless an explicit allow was created. To fix: Under the site in Features View: Under the IIS Section > IP Address and Domain Restrictions > Edit Feature Settings > Set ‘Access for unspecified clients:’ to ‘Allow’

Method 7

 <location path="Path/To/Public/Folder">
        <allow users="?"/>

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x