deny directory listing with htaccess

Question

I have a folder, for example : /public_html/Davood/ and too many sub folder in folder, for example : /public_html/Davood/Test1/ , /public_html/Davood/Test1/Test/ , /public_html/Davood/Test2/ , ...

I want add a htaccess file into /public_html/Davood/ To deny DirectoryListing In /Davood And Sub Folders, It's Possible ?

Answer 1

Options -Indexes should work to prevent directory listings.

If you are using a .htaccess file make sure you have at least the "allowoverride options" setting in your main apache config file.

Answer 2

Try adding this to the .htaccess file in that directory.

Options -Indexes

This has more information.

Answer 3

If Options -Indexes does not work as Bryan Drewery suggested, you could write a recursive method to create blank index.php files.

Place this inside of your base folder you wish to protect, you can name it whatever (I would recommend index.php)

<?php

recurse(".");

function recurse($path){
    foreach(scandir($path) as $o){
        if($o != "." && $o != ".."){
            $full = $path . "/" . $o;
            if(is_dir($full)){
                if(!file_exists($full . "/index.php")){
                    file_put_contents($full . "/index.php", "");
                }
                recurse($full);
            }
        }
    }
}

?>

These blank index.php files can be easily deleted or overwritten, and they'll keep your directories from being listable.

Answer 4

For showing Forbidden error then include these lines in your .htaccess file:

Options -Indexes 

If we want to index our files and showing them with some information, then use:

IndexOptions -FancyIndexing

If we want for some particular extension not to show, then:

IndexIgnore *.zip *.css

Answer 5

Options -Indexes perfectly works for me ,

here is .htaccess file :

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes <---- This Works for Me :)
    </IfModule>


   ....etc stuff

</IfModule>

Before :

After :

Answer 6

There are two ways :

1. using .htaccess : Options -Indexes

2. create blank index.html

Answer 7

Options -Indexes

I have to try create .htaccess file that current directory that i want to disallow directory index listing. But, sorry i don't know about recursive in .htaccess code.

Try it.

Answer 8

Agree that

Options -Indexes

should work if the main server is configured to allow option overrides, but if not, this will hide all files from the listing (so every directory appears empty):

IndexIgnore *

Answer 9

Options -Indexes returns a 403 forbidden error for a protected directory. The same behaviour can be achived by using the following Redirect in htaccess :

RedirectMatch 403 ^/folder/?$ 

This will return a forbidden error for example.com/folder/ .

You can also use mod-rewrite to forbid a request for folder.

RewriteEngine on

RewriteRule ^folder/?$ - [F]

If your htaccess is in the folder that you are going to forbid , change RewriteRule's pattern from ^folder/?$ to ^$ .