Plugin Settings - 403 forbidden


I’ve installed the plugin on Wordpress 5.2.4. Installation was fine so far. But there are some links in the Plugin-Settings where I get a 403 forbidden. For example:

“Reporting”: the link target is https://mydomain/wp-admin/admin.php?page=matomo-reporting.
But apparently there’s a redirect to https://mydomain/wp-content/plugins/matomo/app/index.php?idSite=1&period=day&date=yesterday&module=PrivacyManager&action=privacySettings

“Tag Mananger”: same as “Reporting”. The redirect to wp-content/plugins/matomo/app/index.php?.. ends up in 403.

Settings/Privacy: “Anonymize Data” and the other links all end up in 403

The same if I try to call the matomo opt-out in a wp-site

Is the redirect to wp-content/plugins/matomo/app/index.php wanted?

In the htaccess I can’t see anything that would cause the 403 in the plugin-directory. For testing I’ve disabled my firewall plugin and the csp header but nothing changed. The directory/file permissions are fine. d 755 f 644 (as WP recommends)

How can I fix it?



Can you check your webserver error log? It should explain why the server returns a 403

Be indeed good to check your webserver error log.

Do all the other screens within the WordPress admin work (like Summary, About, Settings, …)?

Thank you for reply. I’ve found the problem. There was a seperate htaccess in wp-content which disable direct access of any *.php files. :smirk:

<FilesMatch .php>
 Order deny,allow
  Deny from all

For security reasons I would like to keep that. I’m not a specialist in htaccess directives. Can someone tell me how to write a rule that keeps the generell restriction for php-files with an exception for the matomo index.php?