How to Disable Directory Browsing on Website or Blog

Directory browsing allows users to view the contents of a directory on your website or blog. While this feature can be helpful in certain situations, it can also be a security risk as it exposes the files and directories on your server to potential attackers.

In this guide, we will show you how to disable directory browsing on your website or blog using httpd.conf and .htaccess files.

Step 1: Locate the httpd.conf File

The httpd.conf file is the main configuration file for the Apache web server. It is usually located in the /etc/httpd/ or /etc/apache2/ directory, depending on your server setup. You will need root access to edit this file.

See also  How to Install Perl on CentOS 5.8

Step 2: Edit the httpd.conf File

Open the httpd.conf file in a text editor such as nano or vi. Locate the following line:

Options Indexes FollowSymLinks

Remove the word “Indexes” from the line so that it reads:

Options FollowSymLinks

Save the changes and exit the editor.

Step 3: Restart the Apache Web Server

Restart the Apache web server to apply the changes. Run the following command in your terminal:

sudo service httpd restart

Step 4: Create or Edit the .htaccess File

If you do not have access to the httpd.conf file, or if you want to disable directory browsing for a specific directory, you can use the .htaccess file. Create a new .htaccess file in the directory you want to protect, or edit the existing one if it already exists.

See also  How to Remove Banned IP from Fail2ban on CentOS 6 / CentOS 7

Add the following line to the .htaccess file:

Options -Indexes

This line disables directory browsing for the directory and its subdirectories.

Commands Mentioned:

  • sudo service httpd restart – Restart the Apache web server

Conclusion

In this guide, we have shown you how to disable directory browsing on your website or blog using httpd.conf and .htaccess files. By following these steps, you can protect your server from potential security risks by preventing users from viewing the contents of your directories. We recommend that you always keep your web server and website security up to date to prevent unauthorized access. If you have any comments or suggestions for improvements, please feel free to share them below.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *