Why does my WordPress show a 404 message for 403 forbidden directories?

I’m not sure if this is specific to my site or not, but if anyone knows how to override this behavior, that would be most appreciated! I have WordPress installed in the root directory of my server. There is also an unrelated sub-directory we’ll call ‘restricted-dir’. I have added an .htaccess file inside that directory with the following code:

Deny from all

Without that command, if a user visits www.my-domain.com/restricted-dir/ it would list all contents. I would like the user to receive the server’s typical 403 Forbidden message, but instead WordPress kicks in and directs the user to my 404 page on my website.

Is there anything I can do to make the 403 page show up instead of the 404 page along with my entire WordPress install?

Thinking on it for a minute, I suppose it has something to do with the rewrite rules from the WP .htacces is kicking in and rewriting the request to WP. It doesn’t totally make sense to me, because WP’s rewrite rules actually ignore directories, and I cannot reproduce it with a quick test, but there might be other factors at play in your environment.

Adding

RewriteEngine On
RewriteRule ^restricted-dir - [F,L]

in the WP .htaccess before the WordPress Rewrite Rules should have the same result, denying access to restricted-dir with a 403 response.