How can I turn off directory indexing?

General | Updated 2026

If visitors can browse a list of files in your directories by going to a URL like yourdomain.com/images/, directory indexing is enabled. This is a security risk because it exposes your file structure. Here is how to disable it.

Quick Fix

Add one line to .htaccess

Add this line to your .htaccess file in public_html:
Options -Indexes
This tells Apache to return a 403 Forbidden error instead of showing a file listing when no index file exists in a directory.

01. Disable via .htaccess

Open or create the .htaccess file in your public_html directory and add:

Options -Indexes

This applies to all subdirectories as well. If a directory does not contain an index.html or index.php file, visitors will see a 403 error instead of a file listing.

02. Disable via cPanel

  1. Log into cPanel at my.ultrawebhosting.com
  2. Go to Advanced > Indexes
  3. Navigate to the directory you want to protect
  4. Select "No Indexing"
  5. Click Save

03. Why This Matters

When directory indexing is enabled, anyone can see the names and sizes of all files in that directory. This can expose backup files, configuration files, uploaded documents, or other content that should not be publicly visible. It also gives attackers a map of your file structure.

Tip

As an extra precaution, place an empty index.html file in any directory that should not be browsable (like /uploads/ or /includes/). Even if someone removes the Options -Indexes directive, the empty index file will show a blank page instead of a file listing.

For more on securing your .htaccess configuration, see the Complete Guide to .htaccess.

Need Help Securing Your Site?

Our support team can review your site's security configuration and help lock down exposed directories.

Open a Support Ticket

Quick Recap

  1. Add Options -Indexes to .htaccess - Disables file listings
  2. Or use cPanel > Advanced > Indexes
  3. Applies to all subdirectories below the .htaccess file
  4. Visitors see 403 Forbidden instead of a file list
  5. Place empty index.html files in sensitive directories as an extra layer

Securing your website directories · Last updated March 2026 · Browse all General articles

  • 460 Users Found This Useful

Was this answer helpful?

Related Articles

When should I use ascii and when should I use binary?

FTP | Updated 2026 This Article Has Moved ASCII mode converts line endings for text files...

Point Multiple Domains to the Same Website

General | Updated 2026 If you want multiple domain names to show the same website, you can...

Point my domain to my wix account

General | Updated 2026 If you want to use a domain registered through Ultra Web Hosting with...

Error 508/503 - Resource Limit Reached

Errors & Troubleshooting | Updated March 2026 A 508 "Resource Limit Is Reached" or 503...

Common Search Engine Optimization Tips

General | Updated 2026 Search engine optimization does not have to be complicated. Here are...



Save 30% on web hosting - Use coupon code Hosting30