Do you want to disable Directory Browsing in your WordPress site? It is a good idea to do this from a security perspective.
If Directory browsing is enabled on your site, then anyone can view the content of your site’s folder (directories), which is not good.
Hackers often take advantage of directory browsing to detect the site’s weaknesses and then try to hack it.
Sound is scarry!
But do not worry, in this article I will tell you how to disable directory browsing in WordPress using the .htaccess file.
Brief Descriptions of The Content
Why Disable Directory Browsing
Directory browsing is often used by hackers. They locate the file’s weakness on your site and try to hack the site with the help of that file.
Directory browsing is also used by other people. They use directory browsing to view your site file, structure and other information. So I would recommend you to disable directory indexing and browsing.
And you will not want it – anyone can view the sensitive file on your site.
How to Know Directory Browsing is Disable on My Site
Just have to open http://yoursitename.com/wp-includes/ link in your browser.
If Directory browsing is enabled on your site, then you will see something like this. You have to disable it.
So let’s start …
Disabling Directory Browsing Using .htaccess File
Disabling it is not a difficult task. Just need to add one line of code to your .htaccess file. This .htaccess file is found in the root folder of your site.
Note: Take a backup of your site before modifying the files. A single mistake can break your site or cause other problems. Backup can revert to a working copy of your site.
To edit this, first, log in to your hosting cPanel. Then go to the root directory. Here you will see your .htaccess file.
Also, you can edit the .htaccess file by connecting your site to FTP.
Now paste the code into your .htaccess file and update your .htaccess file.
Options -Indexes
Congratulation! You have disabled Directory Browsing on your site.
Now when someone tries to browse
Final Thought
Here I told you to disable directory browsing and indexing using the .htaccess file. If you want to use the plugin to disable it, you can use the security plugin like Sucuri or All In One WP Security & Firewall Plugin or Hide My WP Ghos.
Site security can be improved substantially by disabling directory browsing. But many bloggers forget about this loophole which makes the job for the hacker a lot easier.
I’ve done it, and now it’s your turn! Find this article helpful? Don’t forget to share!
Leave a Reply