CPanel setting to prevent directory listing of all files
* content/text (html/php files),
* image/picture files,
* video/flash files,
* CSS files,
* other files (Excel, zip, movie, etc)
Similarly, image and picture files are usually stored in "/image" or "/img" directory.
Therefore, it's not uncommon to not have any webpages (html/php file) in the image/picture directory since this directory was created intended to only store images and pictures.
However, did you know that by default, Apache webserver displays the listing of all files in the directory if there's no "index" file found? (whether it's index.html or index.php, etc)
Although the websites probably won't have any link on the page that opens their image directory, it's possible for anyone to type to url like www.somewebsite.com/images or www.somesite.com/files and it would display a page like below:
This basically exposes all of the files (whether they are pictures, movies, or important documents) to be directly downloaded by the visitors, and this was probably not what was intended.
If your hosting has CPanel, then this can be easily prevented and blocked.
Go to the Apache configuration page under the Service Configuration group then click on the Global Configuration option.
Once you are in the Global Configuration page, scroll down to the "Directory / Options" section then make sure to uncheck the Indexes option checkbox. That's it!
This change will prompt you to rebuild the Apache configuration file and restart the Apache server. Once it's done, you should now see the below message if you try to access the "images" or "files" directory
Leave a comment
If you sign up and log in:
OK, Sign me up!
However, there are times when unintended content is converted to emoticon because the content happens to have one of the emoticon symbols. That's why it's always good idea to preview your comment before posting and when you see this type of problem, you can indicate NOT to auto convert.