How to Disable Apache Directory Listing (403 Forbidden Access Issue Caused by .htaccess File)
How to disable Apache from displaying directory listing?
By default, if you enter the following address in your browser:
http://localhost:8080/
and you have set your directory index file to index.html, and you have an index.html file in your file root directory,
the browser will display the content of index.html. If there is no index.html, the browser will display the directory listing of the file root directory,
which includes files and subdirectories under the file root directory.
(Note: Setting the index file:)
#Here, you can set the file that will be executed first when a directory is requested
DirectoryIndex echo.php index.html index.php
Similarly, if you enter the address of a virtual directory:
http://localhost:8080/b/
If there is no index.html in that virtual directory, the browser will also display the directory structure of that virtual directory, listing the files and subdirectories under that virtual directory.
How to disable Apache from displaying directory listing?
In the httpd.conf file, find a directive similar to this:
<Directory "D:/xx/xx/xx">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Modify the directive as follows:
Method 1: Add a "-" symbol in front of "Indexes" in "Options Indexes FollowSymLinks".
That is: Options -Indexes FollowSymLinks
Method 2: Change "Options Indexes FollowSymLinks" to "Options FollowSymLinks".
Method 3: Add a .htaccess file in the directory and write the directive: Options FollowSymLinks
The purpose of "Indexes" is to display the directory structure when there is no index.html file in that directory. Removing "Indexes" will prevent Apache from displaying the directory listing of that directory.
Note: Adding "+" before "Indexes" allows directory browsing; adding "-" prohibits directory browsing.
The above information is excerpted from: http://blog.chemdown.cn/server/prohibit-display-apache-directory-listing-indexes-followsymlinks.html
403 Forbidden Access Issue Caused by .htaccess File
Those who have used WORDPRESS may have encountered this problem,
such as zaphod22 who encountered it at http://wordpress.org/support/topic/htaccess-leads-to-403-forbidden?replies=6
In fact, this problem is also caused by improper setting of "Options Indexes FollowSymLinks". Of course, if you don't want to change the .ini file,
you can add the directive "Options +FollowSymLinks" in the .htaccess file.
Special note: For the directives in the .htaccess file to take effect, the "AllowOverride All" of the directory must be enabled.
Another note: Official documentation for setting redirects in .htaccess: http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html