Sciencetext Tips & Tricks
Blogging tips, browsing tricks and computing hacks

Bill Gates on The Daily Show Volcanic Discrepancies

Prevent Directory Listing

January 31st, 2007 · by David Bradley

If you followed my advice to move from Blogspot to your own domain hosted Wordpress blog, then you may have noticed (depending on how your new host server is set up) that opening certain directories produces not the page you were expecting, but a listing of the contents of that directory.

Now, that’s not usually a problem for most users, it just generates an ugly directory that makes your site look unprofessional. However, it can expose file and folder names on your server that you don’t want visitors to browse and read.

There is a very quick fix for this.

Open your .htaccess file (usually in the root folder or public_html)

near the top simply enter the following line of code and save the file.

IndexIgnore *

Now, when you try to open that “directory listing” it won’t display the folder’s contents.

If you don’t want to block all browsing, just gifs and jpgs or zip files for instance, then use the following syntax instead:

IndexIgnore *.gif *.jpg

IndexIgnore *.zip

IndexIgnore *.mp3

(You get the picture)

Conversely, you might actually want to allow browsing of directories, but it’s disabled on your host by default. Again, it’s a .htaccess issue, see if IndexIgnore is already in there and delete it, if not enter this line instead:

Options +Indexes

That opens up directory listing for the root folder (and/or any other folders in which you have a .htaccess file).

However, even that is not a particularly elegant solution. What I was finding till I did the following tweak was that Wordpress was displaying the contents of the feed folder rather than displaying the feed. So, here’s the solution that makes a click on that directory do the right thing. Open CPanel and navigate to your Index Manager. Click the feed folder (or whichever folder you want to block directory listing of) and choose “No Indexes”. That got my rss feed for this site working properly, and if applied to other folders too prevents directory listings and spawns a 403 error page, which can be customized. More on custom 404 and 403 pages another time

0 responses so far ↓

  • Got something to say? Start a comment thread here. Top commentators get a FREE link on the homepage!

Leave a Comment

Comments are checked for spam before appearing, no need to post it twice.

Related Posts