How to Disable Directory Browsing in WordPress?

Disabling directory indexing is a vital matter as far as security is concerned in WordPress because the site you have made should be kept secure from all kind of threats and security flaws. The current article is a complete guide on How to disable directory browsing in WordPress. So, follow the guide till the end and you will learn how to set up no index for WordPress directory. The site you have designed and published consists of many directories and files and each one performs a peculiar function. If there does not exist a particular directory for a specific file, then you need to create that directory in order to execute a function properly. When there exist all kind of directories, files and folders in your WordPress site, you will not face any problem to perform a function.

How to Disable Directory Browsing in WordPress to prevent unauthorized access to important files, folders and directories?
Disabling Directory Browsing is a must to protect your site from malwares and threats.

When visitors visit your site, a particular post or page appears on his device’s screen based on the type of inquiry he provided. Now, the matter of fact is that in the search result your site’s directory too may appear if it is not disabled for browsing or indexation. And, if directories appear in the search result, your site may be vulnerable to external threats, malwares and hackers. They may break into your file and put malicious codes that may deface your files. A site encountered such kind of attack will lose trust and reliability both in the search engines and visitors. It will be a great loss for you. That’s why you should learn How to disable directory browsing in WordPress site.

How to Disable Directory Browsing via .htaccess file?

You can disable directory browsing in WordPress via the .htaccess file using an FTP client or via cPanel. All that you need to do is to add a single line of code in your WordPress site’s .htaccess file located in the root directory of your website. You can edit this file from remote location but you need to connect to your site through an FTP client like FileZilla.

The .htaccess file is a hidden file located in the root directory of your website. If you cannot find out and locate the file, then make sure that you have properly connected to your site using one of the FTP Clients, to show the hidden files.

Once you have located the file in the root directory, download it to your desktop. Make sure to create two backup copy of the file of which one will be edited and modified and the remaining one will be kept secure for backup in case you make any accidental error.

Now, open the .htaccess file which you want to edit and modify. To edit the file, you can use a plain Text Editor or Notepad. Once the file opened, just add the following line of code at the end of WordPress.

Options All-Indexes

The .htaccess file before editing and modifying looks like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

The .htaccess file after editing and modifying looks like this:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Options All -Indexes

Steps to Go through to Disable Directory Browsing in WordPress

Want to disable directory browsing in WordPress? Of course, to tighten WordPress security, there are many ways and to disable directory for browsing is a common practice to that end. In order to disable directory indexing login to your WordPress and locate the Advanced tab as indicated below.

How to Disable Directory Browsing in WordPress?

In most web hosting integrated with cPanel, you can access it on logging in to your hosting account>>Advanced>>File Manager. Right-Click on the File Manager to open it. Once it opened, you can see the files within it. Now select and open the file you want to disable for browsing.

How to Disable Directory Browsing in WordPress?

Once the File Manager opened, it may look like this:

How to Disable Directory Browsing in WordPress?

You can see that the File Manager contains many files inside it. Right-Click the file and it will show a popup as indicated above.

Now, you need to change the file permissions.

How to Disable Directory Browsing in WordPress?

Each file is assigned a permission by default but in order to disable browsing on it assign it file permission 771 which means that the file can be accessed only by the owner and its groups, not by visitors. Once you entered 771 in the boxes provided for file permission, click Change Permissions.

Disable Directory Browsing via File Manager Indices

This method is similar to what I have mentioned above but here, you need to change Indices instead of file permission. So login to your WP-Admin panel and go to File Manager via cPanel. Open the File Manager which contains files and folders. Choose the file or folder you want to disable for browsing.

How to Disable Directory Browsing in WordPress?

So far, you have chosen the folder and right-clicked on it to edit it. When the folder is right-clicked, it displays a popup as shown above in the screenshots. Now, click on ‘Manage Indices’

How to Disable Directory Browsing in WordPress?

It takes you to the Index Manager where you can see multiple options to choose from like Inherit, No Indexing, Show Filename Only, Show Filename and Description etc. Choosing No Indexing disables file browsing and prevents it from appearing in search result. In WordPress, by default, in most files, the Inherit option is marked up for Indexing. So, change it and check the button labelled ‘No Indexing’. Once you have checked No Indexing, click on Save.

Disable Directory Browsing via Directory Indexing

You can disable directory browsing via directory indexing from within your cPanel. Login to your hosting panel from your web hosting account and you can see specific menus like Home, My Site, Domain, Advanced etc.

How to Disable Directory Browsing in WordPress?

Locate the Advanced menu and click on it. It takes you to the cPanel where from you can locate Index page under the Advanced section which contains Terminal, Error Pages, MIME Types, Cron Jobs, Apache Handler etc.

How to Disable Directory Browsing in WordPress?

Once you have located the Indexes under Advanced, click on it. It takes you to the Index Manager when you click on it. Here you can see the Current Directory and the Index Manager allows you to customize it as to how it appears in the search results.

How to Disable Directory Browsing in WordPress?

Now, you can see what are the Current Directories in your WordPress. Select the directory you want to disable for browsing so as to not appear in the search results in order to prevent unauthorized access to it. I have chosen Public_html to disable directory browsing.

Click on the Public_html folder and you will be taken to the Index page where Index Manager allows you to set up indexing for the chosen folder.

How to Disable Directory Browsing in WordPress?

By default, Indexing is set for Inherit. You need to change it to prevent indexing. So, check the button No Indexing and click on Save.

Also read: