How To Disable Directory Browsing In cPanel?
What is Directory Listening?
Directory listing is a web server function that displays the directory contents when an index file is not available in a specific website directory. It is dangerous to leave this function turned on for the web server as it leads to information disclosure. So it is better to disable directory browsing.
For example, when a user requests any website without specifying a file (such as index.html, index.php, or default.asp), the web server processes this request, returns the index file for that directory, and the browser displays the website.
If the index file does not exist and the directory listing is turned ON, the web server returns the contents of the directory. Black hat hackers can find such files easily. For this reason, directory listing should never be turned on, especially in the case of dynamic websites and web applications, including WordPress sites.
Steps to disable directory browsing in cPanel
- Login to your cPanel account.
- In the Advanced section, click on Indexes.
- In the new window, click on Home buttom.
- Now, click on Edit button next to public_html directory.
- In the new page, select No Indexing and hit the Save Button.
So now, anyone trying to access the files will get 403 Forbidden error message.