Disabling of directory browsing in WordPress is necessary to mitigate the vulnerability attacks since it shows all available files in the content directory.
Now, What is directory browsing in WordPress?
Once we installed and access our web server using a browser, by default it immediately looks for index.php or html to show something, however, if any of them is not available, it will display other files of the same directory. Such as images, text files etc. Thus, in case you are using some plugin or theme which is old or vulnerable, any hacker can easily know about them. Therefore, it is a good idea to disable directory browsing unless and until you don’t need it deliberately to show some content.
Disable Index or Directory browsing in WordPress without any plugin
We can stop listing of files in WordPress without any plugin, what we need is only the access of .htaccess file.
- Go to your hosting Cpanel.
- Open File Manager.
- Click on the Public_html folder or where ever you have your website WordPress files.
- Select the .htaccess file and click on the Edit button given on the top.
- In the
.htaccessfile scroll down to the bottom and simply add this line:
- Click on the Save Changes button given on the top right side.
- Now again try to list the index files or directory of WordPress in the web browser, however, this time you will get a message that the page has been deleted or move with 404 output.
Stop directory listing in WordPress using Yoast SEO
If you already a user of popular Yoast Plugin then you don’t have to look for any other plugin or CPanel. Just click on Yoast SEO option given on the left side in the WordPress Admin Dashboard.
Click the File Editor to quickly edit files such as robots.txt and .htaccess files.
Now, simply go to
.htaccess section and scroll down to the end, where just paste this value:
Hit the Save Changes to .htaccess button.