Click on the banner to learn about and purchase my database training on Azure

Preventing listing files and directories with .htaccess (Apache)

Views: 9.052 views
Reading Time: <1 minutes

Good evening.

Today I am going to talk about how to prevent unauthorized people from viewing the files and folders of your Apache web server by entering a directory name, such as

By default, the apache web server will open the default file defined by the DirectoryIndex directive (Learn more here). If this file does not exist or does not have a predefined directive, the server will open the listing of files and directories.

Most of the time, this is not interesting and even facilitates possible attempts at cracking attacks on your site. Learn now how to control it.

Using the IndexIgnore Directive
Through the IndexIgnore directive, we can block N file extensions that we do not want listed.


Using the Options Directive
This directive is more complete and simple, blocking any directory listing on your server and sending the HTTP 403 (Forbidden) error code to anyone trying to access it.

How to use:

Now your servers are more secure and private!
To the next!