How To Disable Directory Browsing In WordPress

Are you finding how to disable directory browsing in WordPress? If yes, then read this post for understood the procedure disabling directory browsing.

How To Disable Directory Browsing In WordPress


Why You Need To Disable Directory Browsing In WordPress

Did you know if you don’t restrict directory browsing, then users can browse your site directory. They can view your WordPress directory, they can browse your uploaded images. If you do not care about this issue, then your site may be hacked. So beware, change your setting to protect your blog from hackers.


By default, if you are server does not find an index file on a directory, then it automatically displays files have in this directory. If  you are not restricted then your upload directory looks like this below image.

To check your directory just type your URL before wp-content and enter.

For example-

How To Disable Directory Browsing In WordPress uploads directory

In this image, you see all directory showing for the public. So anyone can browse this directory.

Now it’s time to protect your blog directory. You can protect your directory to way.

  1. FTP Client
  2. Yoast SEO File Editor Tool

FTP Client:

To restrict directory browsing in WordPress, you need to add a single code to your .htaccess file. .htaccess file have in your site root directory. Just connect your site Via FTP client and download .htaccess file. After Downloading adds below the line in the .htaccess file and upload it.

Options -Indexes

Yoast SEO File Editor Tool:

You can disable directory browsing by Yoast SEO file editor tool. If you have not Yoast SEO plugin, then download it here.

Step: Yoast SEO > Tools > File Editor

Below See the image of Yoast Seo File Editor.

Disable directory browsing by Yoast SEO file Editor Tool

You can just copy the code and paste it Yoast SEO .htaccess box, then Click on save changes to .htaccess.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L] RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L] </IfModule>

# END WordPress
Options -Indexes

After completing those step, no one can browse your directory. If anyone try to visit this link, then the user will automatically redirect the page 404 not found.


Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.