How to Stop / Prevent Directory Listing of Your Website

If you create a new directory (or folder) on your website, and do not put an “index.html” file in it, you may be surprised to find that your visitors can get a directory listing of all the files in that folder. For example, if you create a folder called “media“, you can see everything in that directory simply by typing “http://www.example.com/media/” in your browser. No password or anything is needed.

Disable directory browsing using .htaccess:

Add the following line to your .htaccess file.

Options -Indexes

Make sure you hit the ENTER key (or RETURN key if you use a Mac) after entering the “Options -Indexes” words so that the file ends with a blank line.

Disable directory browsing using httpd.conf:

  • Open your httpd.conf, normally it’s located at /usr/local/apache/conf or /etc/httpd.conf
  • Go to your own Virtual Host settings and look for “Options Indexes
  • Change the Indexes to -Indexes if Option Indexes exists or else add the Options -Indexes line
  • Restart your apache web server.
  • The directory browsing feature should be disable by now

Disable directory browsing in CPanel Share Hosting environment:

  • Login to your CPanel
  • Click on Index Manager
  • Directory will be list down. Click on the directory name which you want to disable the directory browsing
  • Select No Index and click Save
  • The directory browsing feature should be disable by now

If all goes well, you should get a “Forbidden” error when you try to access a directory that doesn’t have an index file.

If anything goes wrong, delete the .htaccess or check settings or file on your website and your site should work again.

Note :For those who had an existing .htaccess on the site before, upload the backup copy to the site.

Leave a Comment

Your email address will not be published. Required fields are marked *

CAPTCHA * Time limit is exhausted. Please reload the CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top