• Dreamhost Banner Ad

How To Disable Directory Browsing On Your WordPress Blog Easily

If you have a self-hosted WordPress blog, check the following links on your favorite browser:


replacing www.yourblog.com with your own domain name. You could also check other folders that you know exist on your wp-content folder.

If you see a list of files, it means that directory browsing is enabled on your blog host. This is a potential security problem because some people can check your plugins directory and exploit it if they see some of your outdated plugins. I used the Akismet and All In One SEO Pack directories as example because these are the most popular plugins I can think of.

One of the solutions to prevent this is to put a blank index.html file on your directories. I learned this from Techathand.Net. However, if you only put the index.html file on plugins directory, you only disabled directory browsing on plugins directory, and not on its sub-directories and other directories. So, you have to put index.html on all of the sub-directories to prevent them from accessing those sub-directories. But that’s a lot of work to do, isn’t it?

Here’s an easy option. You can do it easily by adding this line of code on your .htaccess file:

Options All -Indexes

Adding the lines above on your .htaccess file will disable directory browsing in all of your directories and sub-directories. They will see a 404 page instead. Got that line of code from the man with a big Adsense check. 🙂

Secure your WordPress blog. Add that single line of code on your .htaccess file. Now na! 😉

Marhgil Macuha

Marhgil Macuha is a Computer Engineering graduate of Batangas State University. He is currently a Senior Solutions Developer at a Canadian IT company.

Facebook Comments

Leave a Reply