In Apache HTTPD server normally when you have no index or default page in a directory, a visitor may be served with a full list of files in that the directory.��Apache��httpd������ͨ��������û�������Ĭ��ҳ��һ��Ŀ¼�������߿��ʹ�������嵥�������ڸ�Ŀ¼�С� This could pose a serious security risk.����ܹ������صİ�ȫ���ա� It also exposes your files to the world at large, allowing them to be indexed by search engines and at the least pose privacy risk.��Ҳ��¶����ĵ������������ϵĴ�ʹ�����ܹ�����������������棬�������ٹ�����˽�ķ��ա� There are well known Google hacks which exploit this feature.�������Google�ڿ͹������������ô˹��ܡ� To stop default directory listing, add this to the htaccess file.ֹͣĬ�ϵ�Ŀ¼�б?��Ӵ���htaccess���ļ���

Options -Indexes ѡ��ָ��

This turns off index listing in the directory and all sub-directories under it.�⽫�ر�ָ�����У���Ŀ¼�����з�Ŀ¼�¡�

Note: In many web servers, directory listing may be turned off by default.ע�������Web��������Ŀ¼�б?�ɹص�Ĭ������¡�

One of the vulnerable folder in wordpress is wp-content.����һ����������ļ�����WordPress�ǿ�ʪ�Էۼ����ݡ� If you have a WordPress blog, check there to ensure that its content are not listed.�������һ��WordPress��ͣ��м�飬��ȷ��������û���г���