A 403 Forbidden response means the web server received your request but is deliberately refusing to serve that file or directory. In a properly configured server, that refusal is absolute — but misconfigurations can sometimes let a request reach the file anyway, through how the server or an underlying application interprets slightly modified URLs. Understanding why this happens is more useful than knowing any single trick, since the trick changes but the underlying misconfiguration pattern doesn't.
Read more: Why "403 Forbidden" Bypasses Happen — and How to Configure Your Server to Prevent Them