How to Disable Directory Browsing

How do you keep people from stealing your reports, images, and other files you have stored on your hosting server? 

If you have web hosting many of your files are open to inspection by anyone who has an interest.

This includes files you are using for redirects, images, pdf’s, etc.

The reasons to disable your directory browsing is for privacy of course, but it will also help protect your site against hackers because it will hide your files making you less vulnerable to attack. You are more susceptible to hackers if they can see your themes, plugin’s etc. Often hackers are looking for a particular theme or plugin because they have already found a way to exploit it.

The directory is the default page the web server will go to if you don’t have an index file directing otherwise. Here is a sample of what a directory tree of your website will look like.

 

 

How to Disable Directory Browsing in cPanel

This works like a charm for your shared hosting with cPanel.

Step 1.
Log in to your cPanel

Step 2.
Click on Indexes 

Step 3.
The directory tree will display. Select what level or folder you want disabled.
If you want to disable the entire site then select “Up One Level” and select the domain.

 

Step 4.
Select No Index and SAVE.

Step 5.
That should do it. Now when someone tries to access your files they will see a “403 Forbidden” HTTP status code notice that will tell the user your files are not accessible.

.htaccess Method to Disable Directory Website Listings for Blogs

If you don’t mind altering files then you can simply add one line to your .htaccess file.**

Step 1.
Log into your hosting or connect via FTP.

Step 2.
Download the .htaccess file

Step 3.
Open in a plain text editor.

Step 4.
Just add this line at the bottom.

 

Step 5.
Upload new .htaccess file

In many hosting companies you can do the edit online with your hosting companies editor.

You should now know how to disable Apache's DirectoryIndex setting server wide on your server. This can help increase security by ensuring a directory that doesn't include an index file isn't exposing any other possibly sensitive files.