CPanel – Index Manager

In this video we’re gonna take a look at cPanel again and see how we can use the cPanel Index Manager feature. Now, what a lot of website owners don’t realize is that although they have a CMS or a Content Management System that WordPress installed into your home page, there are several folders in the web server itself that can be accessed publicly by almost anyone online. So this is really dangerous because people can actually see the contents of that folder and also download any files that you have in that folder and perhaps also access other important information that is stored in that folder – for example, your login password or credit card information.

[evp width=”640″ height=”480″]tutorials/wpvideos/cpanel-indexmanager.swf[/evp]

Let me give you a very short example of exactly what I mean. Now, assuming that this is your actual website here, now, if you would just go to, and type in…’images’…alright, so you just go to, and you would be able to see the default images folder here, and any of the images that you’ve uploaded to the default images folder. Now, this is just one example; any other folder that you have in there as well can be accessed using the same methods. Now, if someone is familiar with web hosting and cybertechnology, then they will already know what are the folders that most people will not protect by default.

So to overcome this and to stop people from accessing your information, you need to login to your cPanel account, scroll to the bottom, there you would see Index Manager. So when you click on Index Manager, make sure you select Web Group and click on Show Hidden Files, then click on Go.

Then you can click on public_HTML, okay, and by default the system setting is to show any files that are inside folders. So I do not want to use default system settings. I want to select the second option here – no indexing – and then click on Save again. Okay, so it says “The index settings on /home.your server or your folder name, and /public_html/ has been updated”. So if you set public_html to not show any indexes, then the same settings will be carried forward to any files inside public_html and also subfolders, etc., okay?

Alright, now let’s go back to this exposed folder earlier – the images folder – and let’s refresh the browser. Okay, so now you see, instead of showing the actual index or the contents of the folder, you would just see a message that says, “Forbidden: You don’t have permission to access the /folder name/ on this server.” So this is the easiest way to protect content and other sensitive information like files, passwords, etc, from prying eyes and from hackers online. So it’s very important that you have a look at your website right now, and see if you have ‘enable index manager’ off, or if you have disabled it. And that’s how easy it is to actually stop people from accessing information on your site that you don’t want them to have access to.