I encountered the same problem, using WP 2.6.2, upgrading the install from 2.0.x. As with the above comments, the 403 error only presented itself when I tried to change options under a single header (‘Reading’, for me).
Permissions on all my files under /wp-admin/*.php were set to 644 to begin with. Just to make sure, I set permissions to 777 but this had no effect and the error remained.
After some Googling and translating from other languages, on a whim I inserted this into my .htaccess file at the root of my website:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
and this seemed to fix the problem. I don’t know enough about module security to know if this is a good/bad thing, or really what it’s fixing, so I would love it if somebody could illuminate us all here.
