Enhance Security: Disable Directory Browsing on Apache Linux Remote Server/VPS

How to Disable Directory Browsing on Apache

What is Directory Browsing?

Directory browsing allows anyone to view all the files and directories within a folder on your web server. This can pose a security risk as it may expose sensitive information.

Why Should We Disable Directory Browsing?

Disabling directory browsing is crucial for security. It prevents unauthorized users from accessing and potentially exploiting sensitive information on your server.

Method 1: Disable in Apache Configuration

1. Open Apache Configuration File

   sudo nano /etc/apache2/apache2.conf

2. Locate the Directory Block

   Find the following content:

   <Directory /var/www/>
       Options Indexes FollowSymLinks
       AllowOverride None
       Require all granted
   </Directory>

3. Modify the Directory Block

   Change the Options line to:

   <Directory /var/www/>
       Options FollowSymLinks
       AllowOverride None
       Require all granted
   </Directory>

4. Restart Apache

   sudo service apache2 restart

Method 2: Disable in Virtual Hosts File

1. Navigate to Sites-Available Directory

   cd /etc/apache2/sites-available

2. Open the Virtual Host File

   sudo nano 000-default.conf

3. Add Directory Configuration

   Add the following content:

   <Directory /var/www/html/>
       Options FollowSymLinks
       AllowOverride None
       Require all granted
   </Directory>

4. Restart Apache

   sudo service apache2 restart