# How to Enable or Disable Directory Listing
Directory listing is a server feature that displays the contents of a directory when no index file (e.g., `index.html` or `index.php`) is found. While enabling directory listing can be useful for certain applications, it can pose security risks if sensitive files are exposed. This guide will explain how to enable or disable directory listing using `.htaccess`, Apache, and Nginx configurations.
***
#### What is Directory Listing?
When a user accesses a directory on a web server without an index file, the server may display a list of all files and subdirectories. This behavior is called **directory listing**.
**Example of Directory Listing Output:**
```
Index of /files
Parent Directory
document1.pdf
image.jpg
script.js
```
This allows users to browse and access files directly, which may not always be desirable.
***
#### Why Enable or Disable Directory Listing?
**Reasons to Enable Directory Listing:**
* To allow users to browse and download shared files.
* Useful for public repositories or documentation directories.
* When you need quick access to files without creating an index page.
**Reasons to Disable Directory Listing:**
* Prevent unauthorized users from accessing sensitive files.
* Reduce exposure to security risks such as **information disclosure attacks**.
* Ensure that only intended pages and files are accessible.
***
#### How to Disable Directory Listing
**Disable Directory Listing via .htaccess (Apache Servers)**
For Apache servers, you can disable directory listing by adding the following line to the `.htaccess` file in your website’s root directory:
```apache
Options -Indexes
```
**Steps:**
1. Open **cPanel** or access your server via **FTP**.
2. Navigate to the **public\_html** directory.
3. Locate or create the `.htaccess` file.
4. Add `Options -Indexes` to the file.
5. Save the file and reload your website.
If directory listing is successfully disabled, visitors attempting to access a directory without an index file will see a `403 Forbidden` error.
**Disable Directory Listing in Apache Configuration (httpd.conf)**
If you have access to Apache’s configuration file (`httpd.conf`), you can disable directory listing globally:
1. Open the Apache configuration file:
```bash
sudo nano /etc/apache2/apache2.conf # For Ubuntu/Debian
sudo nano /etc/httpd/conf/httpd.conf # For CentOS/RHEL
```
2. Look for the `` section and modify it as follows:
```apache
Options -Indexes
```
3. Save the file and restart Apache:
```bash
sudo systemctl restart apache2 # For Ubuntu/Debian
sudo systemctl restart httpd # For CentOS/RHEL
```
**Disable Directory Listing in Nginx**
For Nginx servers, directory listing (autoindex) can be disabled in the configuration file:
1. Open the Nginx configuration file:
```bash
sudo nano /etc/nginx/nginx.conf
```
2. Locate the relevant server block and set `autoindex` to `off`:
```nginx
server {
listen 80;
server_name yourdomain.com;
location / {
autoindex off;
}
}
```
3. Save the file and restart Nginx:
```bash
sudo systemctl restart nginx
```
Now, directory listing will be disabled for your Nginx-powered website.
***
#### How to Enable Directory Listing
**Enable Directory Listing via .htaccess (Apache)**
If you need directory listing for a specific folder, add the following line to `.htaccess`:
```apache
Options +Indexes
```
**Steps:**
1. Navigate to the directory where you want to enable listing.
2. Create or edit the `.htaccess` file.
3. Add `Options +Indexes`.
4. Save the file and refresh the page.
**Enable Directory Listing in Apache Configuration**
To enable directory listing globally in Apache, modify the configuration file:
1. Open `httpd.conf` or `apache2.conf`:
```bash
sudo nano /etc/apache2/apache2.conf # For Ubuntu/Debian
sudo nano /etc/httpd/conf/httpd.conf # For CentOS/RHEL
```
2. Locate the `` section and modify it as follows:
```apache
Options +Indexes
```
3. Save the file and restart Apache:
```bash
sudo systemctl restart apache2 # For Ubuntu/Debian
sudo systemctl restart httpd # For CentOS/RHEL
```
**Enable Directory Listing in Nginx**
To enable directory listing in Nginx, modify the configuration file:
1. Open the Nginx configuration file:
```bash
sudo nano /etc/nginx/nginx.conf
```
2. Locate the server block and set `autoindex` to `on`:
```nginx
server {
listen 80;
server_name yourdomain.com;
location /files/ {
autoindex on;
}
}
```
3. Save the file and restart Nginx:
```bash
sudo systemctl restart nginx
```
Now, visitors can see a directory listing when they access `/files/` on your website.
***
#### Troubleshooting Directory Listing Issues
**Directory Listing Still Enabled After Disabling?**
* Ensure there are no conflicting `.htaccess` files in subdirectories.
* Restart the web server after making changes.
* Check the Apache configuration for other `Options +Indexes` directives.
**403 Forbidden Error After Disabling Directory Listing?**
* This is the expected behavior when directory listing is disabled.
* To allow access only to specific files, create an `index.html` file in the directory.
**Changes Not Reflecting in Nginx?**
* Ensure you restart Nginx after modifying the configuration.
* Check Nginx logs for syntax errors:
```bash
sudo nginx -t
```
***
#### Conclusion
Directory listing can be a useful feature but also poses security risks if not managed properly. By using `.htaccess`, Apache, or Nginx configurations, you can enable or disable directory listing as needed. Always ensure that sensitive files remain protected, and consider alternative file-sharing methods if necessary.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://learn.sitecove.com/how-to-guides/web-hosting/server-and-hosting-settings/how-to-enable-or-disable-directory-listing.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.