2

How to Disable Directory Browsing in WordPress Using .htaccess

If you don’t have an index file in your WordPress directory, then the web server automatically displays an index page containing your website files and folders. This index page is visible to all users and they can easily see which wordpress theme and plugins you are using and know more about your website structure.

Index Page of a WordPress Site

 

This is where hackers can exploit your site with the known vulnerabilities in your WordPress theme and plugins to gain access. They can also see your website files and can download them. If your WordPress security is not high enough, then it will be easier for them to hack your website. By disabling, directory browsing in WordPress can solve the issue and it will strengthen your WordPress security.

In this article, I will show you how to disable directory browsing in WordPress.

Before we start, lets first check whether the directory browsing is enabled or not on your WordPress site.

From your web browser, enter your website name. If the browser displays an index page of your website content, then the directory browsing is enabled. If you see a blank page, then the directory browsing is disabled.

How to Disable Directory Browsing in WordPress Using .htaccess

Disabling directory listing in WordPress is quite an easy process.

First login to your web hosting cPanel and go to the root directory of your WordPress site. From there, find the .htaccess file.

If you don’t find a .htaccess file inside the root directory, make sure you have checked show hidden files option from settings.

cPanel SHow Hidden Files

Now edit the .htaccess file add the following code in the end.

Options All -Indexes

In general, the .htaccess file contains the following:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /example.com/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /example.com/index.php [L]
</IfModule>
# END WordPress

After modifying the .htaccess file, it will look like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /example.com/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /example.com/index.php [L]
</IfModule>
# END WordPress
Options All -Indexes

After that save the file and you are done. You have now disabled directory browsing in WordPress.

You can go to your web browser and type your website name, you will either see a blank page or access forbidden page.

Access Forbidden

I hope this tutorial helped you to disable directory listening in WordPress. If you have a question about this topic, leave a comment below. Don’t forget to share it with your friends.

 

Related WordPress Articles,

Jyoti Prakash Ray
 

Jyoti Ray is the founder of WPMyWeb.com. He writes about Blogging, WordPress tutorials, Hosting, Affiliate marketing etc. He mostly spends times on blogging, reading books and cooking.

2
Leave a Reply

avatar
1 Comment threads
1 Thread replies
1 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
Jyoti Prakash RayRahul kr Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Rahul kr
Guest

Dear sir my website is at wordpress and i want to sumite xml site map .
Sir i want to know that
1. Plugin method to
2.xml site map . Com
Which method is good for me

Send this to a friend