How to Disable Directory Listing in cPanel

Apache’s web server default behaviour allows users visiting your website to see the contents of a directory if you haven’t defined a default index file (e.g. index.html or index.php).

Leaking such kind of information to the world is very dangerous because malicious users are given a better clue of your website structure or the building blocks of your web application.

In this, guide, we will show you how to disable directory browsing on cPanel and make your website more secure.

Prerequisites

Step 1: Login to your cPanel account

First, visit your cPanel account by typing the domain name followed by ‘/cpanel’. Enter your username and password and click on ‘Login’

Step 2: Locate Index manager from the dashboard

In cPanel dashboard, type the word ‘indexes’  on the search box as shown below and click the icon that appears below:

Step 3: Use Index Manager to disable directory listing

On the next screen, cPanel Index Manager will display all the top level directories from your hosting account. You need to select the directory that you want to customize. So, because you are protecting directories under the root of your website, select the ‘public_html’ folder

Next there is an option for customizing how your web directories will be viewed on the web.

The index manager allows you to choose from different options including:

  • Default System settings,
  • No Indexing,
  • Standard Indexing
  • Fancy Indexing

To completely switch off directory listing on your account, choose ‘No Indexing’ as shown on the image below:

Step 4: Testing the setup

Create a new ‘test’ directory under the ‘public html’ folder using cPanel file manager

Then, visit your new ‘test’ directory on a web browser using the URL ‘www.example.com/test’. Remember to replace ‘example.com’ with your domain name. If directory listing was disabled successfully, you should see the error message below.

Conclusion

That’s all when it comes to disabling directory browsing in your cPanel account. From this point forward, anyone trying to visit a directory with no default page will get a forbidden error message. This will add a new layer of security to your website because users will no longer be able to view the structure of your website or web application.

 

Check out these top 3 cPanel hosting services:

Was this article helpful?