Disable Directory Browsing Without Plugin to keep your WordPress files safe from snooping bots and hackers. Here’s how to do it with a simple .htaccess tweak.
Step 1: Add the Directory Browsing Disable Code
Add this line to your site’s .htaccess file:
# Disable directory browsing
Options -Indexes
How It Works
This directive tells your server not to display a list of files when no index file exists in a folder. Instead, visitors see a 403 Forbidden page.
Why Disable Directory Browsing Without Plugin?
Leaving directory browsing on exposes your site’s file structure. Hackers and bots can use this to find vulnerabilities or sensitive files.
Common Mistake
Some custom folders may need an index file to prevent access errors. Test your site after adding this rule to make sure nothing breaks.
Pro Tip
Put this line at the top of your .htaccess file for site-wide protection.
Related Snippet
If you liked this, check out my guide on disabling author archives without a plugin in WordPress.