When managing a website, prioritizing security is crucial. One common vulnerability is Apache’s default setting that enables directory listing. This means that if an index file (such as index.html or index.php) is absent, visitors can access a complete list of files and folders within that directory. This unintentional exposure of sensitive files can put your site at risk. Learning How to Disable Directory Listing in cPanel<\/a> is an essential step to protect your website from potential threats.<\/p>\n\n\n\n To prevent this security risk, it’s essential to disable directory listing on your cPanel server. In this guide, we\u2019ll walk you through the three best methods to secure your website by turning off directory listing effectively.<\/p>\n\n\n\n 1. Log in to cPanel.<\/p>\n\n\n\n 2. Navigate to File Manager and go to your website’s root directory (generally public_html).<\/p>\n\n\n\n 3. Edit or create a .htaccess file:<\/p>\n\n\n\n Right-click on .htaccess and select Edit.<\/p>\n\n\n\n If it doesn\u2019t exist, create one.<\/p>\n\n\n\n 4. Add the following line:<\/p>\n\n\n\n 5. Save changes and close the editor.<\/p>\n\n\n\n Verify: Visit a directory without an index file (e.g., http:\/\/yourdomain.com\/folder\/). You should see a 403 Forbidden error instead of a directory listing.<\/p>\n\n\n\n If you need to apply server-wide changes without modifying individual domain settings, WHM offers a centralized way to configure all domains on the server. Here\u2019s how to do it:<\/p>\n\n\n\n 1. Log in to WHM as the root user.<\/p>\n\n\n\n 2. Go to Home \u2192 Service Configuration \u2192 Apache Configuration \u2192 Global Configuration.<\/p>\n\n\n\n 3. Scroll to the “Directory Options” section.<\/p>\n\n\n\n 4. Uncheck the “Indexes” option if it’s enabled.<\/p>\n\n\n\n 5. Save and Rebuild Apache Configuration when prompted.<\/p>\n\n\n\n 6. Restart Apache:<\/p>\n\n\n\n Navigate to Home \u2192 Restart Services \u2192 HTTP Server (Apache).<\/p>\n\n\n\n Click Yes to confirm.<\/p>\n\n\n\n 1. Access the server via SSH as the root user.<\/p>\n\n\n\n 2. Edit the Apache configuration file:<\/p>\n\n\n\n 3. Find the Directory Block and modify it:<\/p>\n\n\n\n 4. Save the file and exit the editor.<\/p>\n\n\n\n 5. Restart Apache to apply changes:<\/p>\n\n\n\n Disabling directory listing is a simple yet effective way to enhance your website\u2019s security. Whether you prefer using cPanel, WHM, or SSH, the above methods will help you secure your directories from unauthorized browsing.<\/p>\n\n\n\n For maximum security, consider combining these steps with other server hardening techniques.<\/p>\n\n\n\nMethod 1: Using .htaccess (Per Website Basis)<\/h2>\n\n\n\n
Options -Indexes<\/code><\/pre>\n\n\n\nMethod 2: Using WHM (Global Settings for All Domains)<\/h2>\n\n\n\n
Method 3: Using SSH (For Root Access)<\/h3>\n\n\n\n
#vim \/etc\/apache2\/conf\/httpd.conf<\/code><\/pre>\n\n\n\n<Directory \"\/home\">\n Options -Indexes\n AllowOverride All\n<\/Directory><\/code><\/pre>\n\n\n\n#systemctl restart httpd<\/code><\/pre>\n\n\n\nConclusion<\/h3>\n\n\n\n