WEBFI-WordPress-How to Disable Directory Browsing in WordPress

If your webserver does not find an index file it automatically displays an index page showing the contents of the directory. This makes your site vulnerable to hacks by showing the information needed to get into your theme or a plugin. In this video, we will show you how to disable directory browsing in WordPress.

If you liked this video, then please Like and consider subscribing to our channel for more WordPress videos.

Text version of this tutorial:

Follow us on Twitter:

Checkout our website for more WordPress Tutorials

Summary of this Tutorial:

Start by connecting to your site using FTP.

You will need to edit your .htaccess file in the root directory of your site found in your root directory.

If you do not see the file you will need to tell your FTP client to show hidden files.

Download your .htaccess and open it in a text editor like notepad and add the following to the bottom:

“Options -Indexes”

Then save the file and reupload it to your server with your FTP client.



  • Frank Sterling on July 9, 2014

    Thanks WPBeginner Keep em coming!

  • soferet2 on October 1, 2015

    Exactly what I needed!

  • MEDOPTIM on November 17, 2015

    Hello, got this problem "only on mobiles" :
    Would this solve my problem? Sadly it's very important for me to show my meta tag… for indexing on computers
    My web site is
    If you know how to, would be great as I'm afraid in loosing indexing. 🙁

  • Meagtr Descon on February 14, 2016

    Awesome nice and sweet!

  • warever37 on April 29, 2016

    If i'm selling a digital product, which folder do you recommend uploading it to? and should it be indexed? Thanks.

  • CG Licence on June 27, 2017

    how to protect my video files on my server, i wanna use wplms

  • xSyberprox on September 21, 2017

    Thank you very much for this!

  • Oraciones y vida on March 17, 2018

    Hola buenos días: Attention!!!!!!!!!!
    I did what it says in the video but it gave me an error 500 the whole web disappears, I had to delete that code. This indicates that the cure is worse than the disease

  • Sara on October 26, 2019

    Thank you so much for all your helpful videos! 
    I am about to enhance the security of my website, and I have read a lot of useful articles in your website even the old once, and I am so thankful about it!
    But I have few question about it, first, the progress of Disable File Editing and Disable PHP File Execution in Certain WordPress Directories by adding codes in .htaccess file won’t prevents WordPress from upgrading WordPress core files, the plugins and the theme files? So the automatic security updates for WordPress core and the plugins will be disabled?
    ALSO, what you think about moving the wp-config.php outside the web root which so many disagree it and many others say it enhance the security. Or do you suggests me only to secure my WordPress Configuration File by adding a code to the .htaccess file to limit access to this file? 
    Thanks again!

  • Mr Bitcoin on January 10, 2020

    Thank you so much for this extremly helpful and smoothly steps, A++ youtube channel, Thank you for all of your team behind this channel <3 , people like you are what making the world a better place by sharing and educating

  • Doug's Dog Training and Day School on January 26, 2020

    How do I find my root folder in my Cpanel for my site? Uggg I hate not knowing basics but I love to learn

  • krishna sahani on August 27, 2020

    Awesome tutorial

WhatsApp us
Live Chat

Office hours operation Mon-Sun 8:00 am ET – 4:00 pm ET

To start your Premium WP or Cpanel service, use our domain search engine, if the domain you want is available, contact us by Whats app to activate your project.

The easiest, fastest, and most secure way to communicate with us.
Please enter your domain.
Please verify that you are not a robot.

Terms Privacy