11 November 2023
How do you keep people from stealing your reports, images, and other files you have stored on your hosting server?
If you have web hosting many of your files are open to inspection by anyone who has an interest.
This includes files you are using for redirects, images, pdf’s, etc.
The reasons to disable your directory browsing is for privacy of course, but it will also help protect your site against hackers because it will hide your files making you less vulnerable to attack. You are more susceptible to hackers if they can see your themes, plugin’s etc. Often hackers are looking for a particular theme or plugin because they have already found a way to exploit it.
The directory is the default page the web server will go to if you don’t have an index file directing otherwise. Here is a sample of what a directory tree of your website will look like.
This works like a charm for your shared hosting with cPanel.
Log in to your cPanel
Click on Indexes
The directory tree will display. Select what level or folder you want disabled.
If you want to disable the entire site then select “Up One Level” and select the domain.
Select No Index and SAVE.
That should do it. Now when someone tries to access your files they will see a “403 Forbidden” HTTP status code notice that will tell the user your files are not accessible.
If you don’t mind altering files then you can simply add one line to your
Log into your hosting or connect via FTP.
Open in a plain text editor.
Just add this line at the bottom.
In many hosting companies you can do the edit online with your hosting companies editor.
You should now know how to disable Apache's DirectoryIndex setting server wide on your server. This can help increase security by ensuring a directory that doesn't include an index file isn't exposing any other possibly sensitive files.
Create, collaborate, and turn your ideas into incredible products with the definitive platform for digital design.