Disable directory indexing for Apache2

Being a default feature that many people find undesirable because it may allow some users to find files they’re not supposed to find, Directory Indexing may compromise the security of your website if you store sensitive or important data anywhere in your root server directory.

Luckily, it’s not too hard to prevent Apache2 from automatically indexing each directories

First, you need to find apache2.conf. It should be in /etc/apache2

Once you found it, open it with a text editor like vim or nano. If you do not have either of those installed, you can install them by typing the following in your terminal:

sudo apt-get install vim    # if you want to install vim
sudo apt-get install nano   # if you want to install nano

Now that this is done, you can edit **apache2.conf** by typing in your shell:

sudo vim /etc/apache2/apache2.conf

Scroll down until you find “Directory” followed by your root server directory (/var/www/ in most cases), by default it should look like this:

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

All you have to do to disable directory indexing is to remove Indexes from Options. Once you removed Indexes, it should look like this:

<Directory /var/www/>
    Options FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

Once this is done, you need to restart apache2 by typing the following command in your terminal:

sudo service apache2 restart

And there you have it! No more directory indexing.

Alternative fix

Another way to fix it, although less practical, would be to make an empty file called index.html in every directory. For instance, if you don’t want people to be able to see all your sound files, all you have to do is make a file called index.html where you store your sound files (e.g. your sound files are stored in /var/www/html/media, make a file called index.html in /var/www/html/media/).