Skip to main content

Improving your WordPress website security is always a good route to take. One of the easiest ways to tighten things up for your website is to block directory listing on WordPress website. You don’t know how to do it? Follow this article.

Block Directory Listing Benefits

By blocking directory listing, you improve your website security in a way that you prevent unauthorized users from accessing the contents of your website’s directories.

Another benefit is that if you have files or directories that contain sensitive information, blocking directory listing can prevent them from being accessed by anyone who stumbles upon your website.

To block directory listing on WordPress website, follow these simple steps:

The Steps:

  • Access your website’s File Manager or use an FTP client to connect to your website’s server. In our case, it is cPanel.
  • Go to your public_html or any directory which holds your WordPress installation.
  • Locate the .htaccess file in the root directory of your website.

Note: if you cannot see .htaccess, simply click on Settings in the right-hand side, click on “Show Hidden Files (dotfiles)”, and click save.

  • Open the .htaccess file by right clicking on the file then click on Edit.
  • Add the following code to the file:
Options -Indexes
  • Save the .htaccess file.
  • Verify that the directory listing has been blocked by attempting to access the directory in your web browser. If you have successfully blocked directory listings, you should receive a “403 Forbidden” error, or being redirected to your website’s home page.

You may also want to block user ID Phishing on your WordPress website, if you have not done it already, visit this ARTICLE to do it.

If this article was useful, please leave a review below. Or check out other blog posts by clicking on this link.

Leave a Reply