Directory Browsing Test
About Directory Browsing Test
Check if your server allows directory browsing. If directory browsing is disabled, visitors will not be able to browse your directory by accessing the directory directly (if there is no index.html file). This will protect your files from being exposed to the public. Apache web server allows directory browsing by default. Disabling directory browsing is generally a good idea from a security standpoint.
Apache web server allow directory browsing by default. In order to disable directory browsing in apache web server you need to edit the .htaccess or httpd.conf file from your server.
-
Disable directory browsing using .htaccess file:
- If "Options Indexes" exists, modify it to "Options -Indexes" (add a "-" sign before "Indexes") or else add "Options -Indexes" as a new line
-
Disable directory browsing using httpd.conf file:
- Go to your own Virtual Host settings and look for "Options Indexes"
- If "Options Indexes" exists, modify it to "Options -Indexes" (add a "-" sign before "Indexes") or else add "Options -Indexes" as a new line
- Restart your apache web server