Preventing the “Index Of” listing page using the Index Manager

Proper structure is important when building a website. Including an index page in each folder is one of the basic steps to both design and security. By default, if a visitor lands on a subdirectory without an index page, they will see an “Index Of” page that lists all files and folders under that directory. This can be at the least embarrassing and unprofessional and at most a security risk. Follow the instructions below to learn about preventing the “Index Of” listing page using the Index Manager in the cPanel.

How to prevent displaying the “Index Of” page via cPanel

  1. First, log into your cPanel interface.
  2. click on the tool icon

    Look through the categories listing on the right hand panel of the main cPanel page and find Advanced category. Click on the Indexes icon to continue.

  3. Select the domain by clicking on settings

    In order to select a domain, you will need to click on Settings. Click the drop-down arrow in order to select a different domain. Once you have selected your domain, click on Save changes.

  4. click which folder to protect

    Next is a page that lists all folders under the domain you previously selected. You can select any one folder to protect by clicking the name. If you select the root folder, the setting will cascade down to all other folders, protecting them all. In our example, we will select the public_html folder as it is the root for our primary domain and we want to protect all folders in the domain.

  5. select No Indexing to disable

    You are now brought to a screen where you can select the Indexing style you want to present. To prevent any index listing at all, simply select the No Indexing radio button. Click Save to activate your selection. Now you can visit your site and enter a subdirectory without an index file. You should receive a 403 Forbidden page instead of a list of files. Below is a before and after shot demonstrating how the No Index setting prevents the display of the file list.

    Before After
    before index protection enabled

    after index protection enabled

Thoughts on “Preventing the “Index Of” listing page using the Index Manager

  • I have hosted my .net core application on linux ubunto using Apche2 server but when i browes for windows system i am geeting index of\ and all my dll details. 

    Please suggest 

  • This is an outdated idea that I errorniously applied and it disorganized my server settings. Now I am having Internal Sever Error and all my client are compalining.

    Please take this down before the same thing happens another person.

    Thank you.

    • Hello,

      I’m sorry to see what happened and appreciate you bringing this to our attention. It seems like this may be circumstantial, in which case, more details surrounding the conditions of your circumstances would help to ensure that we include any exceptions and/or notes regarding the internal 500 error you experienced. Would you be able to provide any additional details as to what changes caused the issue and what the resolve was?

      Again, I’m sorry to see that you had a negative result from following the steps in this guide.

      • Hi! this happened to me too. I have a https website and wanted to prevent directory browsing. Followed the instructions exactly as mentioned here. Now, I get the 500 internal error. The error log page is empty. Have tried to revert the change back by setting indexes of the publichtml folder to default system setting but didn’t work.

        Any suggestion?

  • i have Index.html file in my Public_html folder still i am getting Index of/ error. 

    And i dont i cgi-bin folder in my public_html folder. Is that effecting my files.

    • The index option in this article has to do with accessing a listing via browser. Disabling it will not affect your SEO. If you’re referring to cache indexing, then it’s different. It is a fact that slower loading sites can affect how search engines place a site. If disabling indexing will slow the site load times to unsatisfactory time, then it may not be advised if you are trying to keep your search results in place.

  • Hi, I followed this article but for some reason my website’s directories and files are still browseable. I also tried doing it manually, by adding Options -Indexes to my htaccess file, with no luck. Any idea where I’m going wrong? My site is in a subfolder in my public_html directory if that helps, although Idon’tt think that matters does it? 

    • Unless you have another .htaccess file in the subfolder that disables it, it should not matter. Have you cleared your browser cache to be sure it is not a browser issue?

  • Can we also put an index.php file in the directory redirecting back to the main index page of the site? Or, would this not be advisable?

  • I had the same problem and followed the steps above in this example and got the 403 forbiden page.

    So what next becaause i need to see my website online insteadof the 403 page.

    thanks.

    • Hello Yosia,

      If you are now seeing the 403 it means that there is no index page for your site in that folder. You will need to upload one.

      Kindest Regards
      Scott M

    • Thre is an explicit configuration option set within the “Index Manager” of “Default System Setting”

      Where can I modify the default?

    • I followed all how to do but keep getting a “Enter user name and Password” in google browser, not a direct download starts? But I do not wish for any body to just access files from the directory only from link. How can I do this please?

Was this article helpful? Let us know!