Are you finding how to disable directory browsing in WordPress? If yes, then read this post for understood the procedure disabling directory browsing.
Why You Need To Disable Directory Browsing In WordPress
Did you know if you don’t restrict directory browsing, then users can browse your site directory. They can view your WordPress directory, they can browse your uploaded images. If you do not care about this issue, then your site may be hacked. So beware, change your setting to protect your blog from hackers.
By default, if you are server does not find an index file on a directory, then it automatically displays files have in this directory. If you are not restricted then your upload directory looks like this below image.
To check your directory just type your URL before wp-content and enter.
For example- yourdomain.com/wp-content/uploads/2015
In this image, you see all directory showing for the public. So anyone can browse this directory.
Now it’s time to protect your blog directory. You can protect your directory to way.
- FTP Client
- Yoast SEO File Editor Tool
FTP Client:
To restrict directory browsing in WordPress, you need to add a single code to your .htaccess file. .htaccess file have in your site root directory. Just connect your site Via FTP client and download .htaccess file. After Downloading adds below the line in the .htaccess file and upload it.
Options -Indexes
Yoast SEO File Editor Tool:
You can disable directory browsing by Yoast SEO file editor tool. If you have not Yoast SEO plugin, then download it here.
Step: Yoast SEO > Tools > File Editor
Below See the image of Yoast Seo File Editor.
You can just copy the code and paste it Yoast SEO .htaccess box, then Click on save changes to .htaccess.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule># END WordPress
Options -Indexes
After completing those step, no one can browse your directory. If anyone try to visit this link, then the user will automatically redirect the page 404 not found.