Prevent your server from displaying the entire contents of a directory or folder.
Whenever you have folders with large amounts of files or important administration
files, it is essential to prevent directory listings, otherwise all of the
files in the folder will be listed to anyone who wants to see them, including
hackers. When hackers can find an administration file, it makes their job
a little easier. Now that a hacker has found the admin login page, all they
have to do is "crack the safe". To prevent this from occuring, disable directory
Start out by opening your .htaccess file or create a new one. (If you are
new to .htaccess files, please read the Introduction
to .htaccess files tutorial to find out how to use and create .htaccess
In your .htaccess file, add the following to the next available line.
(The * is known as a wildcard and means all files.)
Sometimes you may want to exclude the listing of files with certain extensions. To do this, use the following line. (You may change .gif and/or .jpg to any format you would like to exclude. You may also add as many formats to the list as you would like to exclude.)
IndexIgnore *.gif *.jpg
Congratulations! Your site is now more secure from curious hackers trying to take over your site and its files.