Stop Apache Listing Directories
From time to time I wish to use a directory/folder on a website that does not contain an index, home or default file. With Apache this means that if a web browser is pointed to a folder and there are no such files in that folder, the user will be giving a listing of files. For Example:
This is fine if you want a quick way to let your users get access to files, but it can also be security risk as users can then navigate to sub folders and parent folders almost as if they have got inside the inner workings of your folder structure. Any hidden folders that you don't intend to be public can therefore be found more easily.
If you wish to stop this from happening there is an easy fix:
Simply add the following line to your .htaccess file on the root folder of your website:
And then, if the user stumbles upon the folder, they will see.
Basically a 403 error message.