Dispatcher flush requests receive a "403 Forbidden" response from the web server.
There can be many causes including web server access control and dispatcher misconfiguration.
On the web server, check in the dispatcher .any configurations for the /allowedClients configuration and make sure that it lists the IP address of the AEM server where the flush agent exists. Note that host names will not work in this configuration.
If you have DispatcherDeclineRoot set to 1 in your http configuration for dispatcher, then you can set the Host header in the dispatcher flush agent.
If this is occurring on Apache 2.4 and this error is observed in the Apache error_log:
AH01630: client denied by server configuration
In Apache HTTP Server 2.4, the access control is done in the same way as other authorization checks in earlier versions. However, it uses the new module mod_authz_host, so there is new syntax.
To fix the client denied error, add the below location to httpd configuration file in the directive for the site:
Require all granted
Or define specific IP addresses that are allowed:
Require ip 192.168.1.104 192.168.1.205