Prevent Directory Listing using .htaccess

Posted on March 9, 2008 
Filed Under htaccess, tips and technique

What is directory listing ?

As we know, most of the website contains “images” folder inside the root folder. If we type “www.somesite.com/images” in the browser and it shows the listing of the files in the browser like the picture below which means that directory listing is allowed on that web server. It’s better not to show the files inside the directory of the web sever for the security purpose.

prevent directory listing using htaccess

Why and what is prevent directory listing ?
Most of the web server are configured in such a way that it doesn’t show the listing of the directory but some of them are not.In some cases, you don’t want to allow users to view the files of the particular directry in such a direct way and prevent the listing of that directory.

How to prevent directory listing ?

Put the any one of following code into the .htaccess file

Options -Indexes
or
IndexIgnore *

If you place that .htaccess file in the root folder then direcotry listing is prevented of the sub-folder as well. And if you place the .htaccess file inside the “images” folder then directory listing are prevented of that particular directory only.

Let’s suppose that you don’t want to list “.jpp , .gif and .zip” and you don’t care about listing other files of that directory then you can out the following code inside .htaccess.

IndexIgnore *.gif *.jpg *.zip

Finally, If your server is setup with preventing directory listing then you can add the following code in the .htaccess file to allow the directory listing.

Options +Indexes

Popularity: 11% [?]

Enter your email address and get recent tutorials, tips, tricks and scripts of PHP, Ajax, JavaScript and CSS directly delivered to you email inbox:

Follow me on twitter at http://twitter.com/roshanbh.

Related Posts

» Change default directory page using .htaccess
» Prevent your website being displayed inside IFRAME
» 5 useful url rewriting examples using .htaccess
» Uploading large(big) files in PHP using .htaccess

Comments

5 Responses to “Prevent Directory Listing using .htaccess”

  1. Prevent Directory Listing using .htaccess | Website Directory on March 9th, 2008 8:57 am

    [...] post by Roshan Share and Enjoy: These icons link to social bookmarking sites where readers can share and [...]

  2. Change default directory page ( index page ) using htaccess on April 21st, 2008 3:27 pm

    [...] server just list the files inside that directory if the directory listing is enabled. You can also prevent the directory listing using .htaccess [...]

  3. Praveen on April 25th, 2008 5:21 am

    Hi Roshan,
    Thanks for this nice article. I have tried ur example but it is not working. Could you tell me how to create and use .htaccess file.

    Plz help me
    Thanks in advance

  4. Roshan on April 25th, 2008 8:41 am

    put Options -Indexes in .htaccess and it should work….but overriding should be allowed in httpd.conf file..

  5. propediotika on May 28th, 2008 7:38 pm

    Hi, thanks for this tip.

Leave a Reply