Disable directory indexes server wide

Written by Jacob Nicholson

By default Apache's DirectoryIndexes value is turned on server wide. This allows the files in a folder to be viewed via a directory index when there is no index file present in that directory.

If you happen to have read our previous article on how to pass PCI compliance scans, leaving DirectoryIndexes on is a common way to fail a PCI scan. In this article we'll walk you through disabling this server wide on your server, please note that this would require root access to your server.

  1. Log into WHM
  2. In the top-left Find box enter in Apache, then click on Apache Configuration.
    whm-click-on-apache-configuration
  3. Click on Global Configuration.
    whm-click-on-apache-global-configuration
  4. Scroll down to the Directory "/" Options section, then un-check Indexes.
    whm-un-check-apache-indexes
  5. Scroll down to the bottom of the page and click on Save.
  6. Finally click on Rebuild Configuration and Restart Apache, Apache can take up to a few minutes to rebuild and during this time your websites won't respond to requests.
    whm-click-on-rebuild-configuration
  7. You should see that Apache was successfully restarted now.
    whm-apache-successfully-restarted
  8. Now when you try to browse to a directory that doesn't have an index file, you'll receive an error instead of a directory listing.
    directory-listing-on-exampledirectory-listing-off-example


You should now know how to disable Apache's DirectoryIndex setting server wide on your server. This can help increase security by ensuring a directory that doesn't include an index file isn't exposing any other possibly sensitive files.

Like this Article?

Login to comment.

Support Center Login

Your Opinion Matters

... but we need to know what you're thinking!

I'm Jacob Nicholson, your friendly Community Support technician, and I wrote the article you're looking at now. I like to think it's perfect, but I'm sure you have some suggestions. Please, let me know what they are!

Feedback
Your Email Address
Because we'd like to talk with you!

Latest Questions

If you need some help, submit your question to our Community!
We guarantee a response within 60 minutes (8am - 9pm EST, Monday - Friday)
Ask a Question!
Recent Questions
  1. The best way to setup an external MS exchange server as the main mail server with inmotion hosting as the backup mail?
  2. Can I create a website on another website (e.g. Wix) and have it hosted on my inmotion domain?
  3. Why can't I see my updated web files on my website?
Browse other questions

Need more Help?

Search

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail: support@InMotionHosting.com
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!