Many of our users got asked for more and more WordPress security tricks, tips, and hacks. Well, we have already covered how you can password protect the WordPress admin page.
However, most beginners are missing one crucial security tip on their blog! And that is disabling the directory browsing. So, in this post, we will show you how you can disable directory browsing in WordPress and make your blog even safer!
So, let’s get into the topic.
Why Disable Directory Browsing? Why Disable Directory Browsing?
The simple answer is for improving our blog’s security.
Here’s an example of a directory browsing enabled WordPress website.
Your files will be visible to the world. This is not good for security. A hacker could easily find the vulnerability and attack your website. When we care about WordPress security, we need to ensure that directory browsing is disabled.
For fixing a compromised/ hacked WordPress website, the experts will charge more than $200 for an hour! So, we recommend you keep your WordPress blog updated and safer.
How To Disable Directory Browsing in WordPress? How To Disable Directory Browsing in WordPress?
Disabling directory browsing is pretty simple.
All you need to do is, edit your current .htaccess file and add a single line of code. As you know, most SEO plugins like WordPress SEO by Yoast, Rank Math, and All In One SEO Pack offer something like this. So if you are using any of this, you can do it from the plugin’s settings.
However, we will cover both methods: using the SEO plugin and without an SEO plugin.
Using Yoast SEO Using Yoast SEO
Yoast SEO is a free and awesome WordPress SEO plugin. With more than 5 million active installs, the plugin is the loved one in the community.
SO I think you are already using this plugin on your blog. Configure the Yoast SEO properly. Under the Yoast plugin settings, you can see the tools option.
Then, choose the file editor.
From there, you will be able to make changes to your
- Robots.txt file
- and .htaccess file.
Copy the code from below.
Options -Indexes
Paste it at the end of your .htaccess file and save the changes.
You are done! Now, let’s move to the alternate method.
FTP Method FTP Method
Thankfully, we have got several FTP clients which we could use. Some of the top and famous ones are:
- FileZilla
- Cyberduck
- FireFTP
- CuteFTP
- SmartFTP
- Core FTP
and so on.
In our case, FileZilla is our favorite FTP client. So, we recommend that one. FileZilla is free FTP software. You can download it to your system from their official website.
Install it on your PC. The next thing we need is to get the FTP account credentials. If you have already created an FTP account, you could use the existing credentials. When you don’t have one, log in to your cPanel account, and you will be able to create one from there.
Launch the FileZilla program.
For connecting to your server, you need a few things.
- Hostname.
- Username.
- Password.
- Port.
Retrieve that information from your FTP accounts section and connect the client to your web server.
You can see we have successfully linked to the remote server. Next, go to the installation folder of WordPress. In our case, we have installed the CMS in our public_html folder.
There, you could see the htaccess file.
Right-click on the file choose the edit option. The file will be opened in the default text editor. In the end, add the code and save the file. After you close the text editor, it will automatically upload to your web server.
Done!
You have successfully disabled directory browsing in WordPress.
Which Method Is Best? Which Method Is Best?
As you can see, both methods are easy and won’t take too much time. Most SEO plugins offer the htaccess editor and robots.txt editor in their options. If your SEO plugin got the settings, feel free to change it using the plugin.
Try the FileZilla method when your plugin doesn’t offer something like this. In that case, you may want to consider creating an FTP account.
We hope you found this post helpful and enjoyed the read. Please consider sharing this post with your friends and fellow bloggers on social media if you did. Also, for more incredible WordPress tutorials, you need to check out our blog.
