Whenever a visitor tries to access a specific directory on your site, say www.mysite.com/products, WordPress uses the index.php file to load its content. However, on some servers, index.php is not loaded automatically. In such cases, either a 404 error message or the content of the directory is displayed. Doing this can expose sensitive information about your site to potential attackers. We already learnt in one of our articles about how you can disable directory browsing and protect your site against attacks. Another way of mitigating the problem is to specify the index page to be used for a given directory. You can change the default index page with htaccess using the DirectoryIndex directive.

To enable DirectoryIndex, add the following line to your htaccess file, replacing filename with any file of your choice –

DirectoryIndex filename

You can also specify multiple filenames as part of this directive.

DirectoryIndex index.html index.cgi default.html

Whenever a visitor accesses a directory within your site, the web server will first try to load index.html. In case that file isn’t found within that directory, it’ll look for index.cgi. If that isn’t found, it’ll look for default.html and so on.

Say I keep all my include files in a directory includes and all my images in a directory images. I obviously don’t want visitors to view the contents of either of these directories. The DirectoryIndex directive lets me use one index file for all the directories or a unique index page for each one.

On setting up WordPress on some specific servers, you may find that the page doesn’t load. This is likely to happen if there is an index.html file present on the site from before. For certain server configurations, this file is given preference and is hence loaded instead of index.php. The DirectoryIndex directive can effectively be used to prevent this problem –

DirectoryIndex index.php