Guys,
Goodnight.

Today I'm going to talk about how to prevent unauthorized people from seeing the files and folders on your Apache web server by typing the name of a directory, such as www.yourdomain.com/images/.

By default, the Apache Web server will open the default file defined by the DirectoryIndex directive (Find out more here). If this file does not exist or does not have a pre-defined directive, the server will open the list of files and directories.

The vast majority of the time, this is not interesting and even facilitates possible attempts at cracking attacks on your website. Find out now how to control this.

Using the IndexIgnore directive
Through the IndexIgnore directive, we can block N file extensions that we don't want to be listed.

Examples:

## Impedir a listagem de arquivos no endereço www.seudominio.com/images/
IndexIgnore /images/*

## Impedindo a listagem do próprio .htaccess e várias outras extensões de arquivos, além do arquivo teste.xls
IndexIgnore .htaccess *.php *.js *.css *.htm *.html *.log *.sql *.pdf *.swf *.rtf *.doc *.odt teste.xls

Using the Options directive
This directive is more complete and simple, blocking any directory listing on your server and sending the HTTP 403 (Forbidden) error code to anyone trying to access it.

How to use:

## Impedindo a listagem de qualquer arquivo e diretório
Options -Indexes

Now your servers are more secure and private!
Until next time!