Disable Directory Listings

1. 

   A screenshot of the plugin's admin options page.

How do I make a WordPress page appear when a user tries to access a directory on my site?

Create a page (not post) with the same name as the directory. And ensure the directory is listed in the plugin’s settings (found at Settings -> Directory Listings). If the directory you wish to create a page for is below another directory (relative to the root directory of your site) such as wp-content/plugins, then you must first create a page named wp-content, and then a page named plugins which you need to make a child page of wp-content.

I’ve activated the plugin but I can still see the directory listing for one of the directories protected by default; what gives?

Is your .htaccess writable? Visit the plugin’s options page, Settings -> Directory Listings, to check and find out more info.

Can’t I just configure Apache directly via its .conf file to prevent directory listings?

Yes. Assuming you already have virtual directory listing enabled and have edit/write capabilities on Apache’s httpd.conf file (or the .conf file containing the configuration for your site) you could remove the Indexes option, so that, for example:

Options All Indexes FollowSymLinks MultiViews 

becomes

Options All FollowSymLinks MultiViews 

Or you could add:

Options -Indexes

If you have the capability and knowledge to do this, that’s great and I urge you to do so. However, if you don’t have that capability because you are on a shared host and can’t edit Apache’s httpd.conf file, or you want some easier, fine-grained controls, you can give this plugin a shot.

2.0

• Use plugin framework v026, which among other things adds support for:
  • Reset of options to default values
  • Better sanitization of input values
  • Offload core/basic functionality to generic plugin framework
  • Additional hooks for various stages/places of plugin operation
  • Easier localization support
• Full localization support
• Update can_write_htaccess() to recognize (but not support) IIS7
• Add admin notice after plugin activation to warn user that rewrite rules need to be regenerated if their .htaccess isn’t writable
• Add __construct(), activation(), uninstall(), load_config(), register_filters(), install(), maybe_regenerate_rewrite_rules(), display_activation_notice(), options_page_description()
• Rename deinstall() to deactivate()
• Change handling of activation and deactivation
• Save a static version of itself in class variable $instance
• Deprecate use of global variable $disable_directory_listings to store instance
• Rename class from ‘DisableDirectoryListings’ to ‘c2c_DisableDirectoryListings’
• Remove docs from top of plugin file (all that and more are in readme.txt)
• Note compatibility with WP 3.0+ through WP 3.2+
• Drop compatibility with versions of WP older than 3.0
• Explicitly declare all class functions public
• Add PHPDoc documentation
• Add package info to top of plugin file
• Add ‘Text Domain’ header tag
• Improve documentation
• Change description
• Add Changelog and Upgrade Notice sections to readme.txt
• Add screenshot
• Update copyright date (2011)
• Add .pot file

1.0

• Initial release