How to Hide Contents & Folders Inside a Parent or Root Web Directory

In some cases, you will be required to hide folders and contents inside a root/parent web directory in order to prevent others from accessing your confidential directories and the files inside them. If you are little confused with the scenario, let me explain.

Consider a case in which your website has a sub domain and several sub directories inside that sub domain. In a real life scenario, assume that you run an online gadgets store and you run it on a sub domain Now assume that you have a dedicated web app for each brand and you run them as sub directories. So you run apple brands under the URI and in similar ways a samsung store under In such a case, you will have many directories coming under the root sub domain

A screenshot of such a case is shown below. 

How to Hide Contents & Folders in a Root Web Directory

What are the vulnerabilities of not hiding folders & files ?

The risks are plenty. A root directory always contains many important files like the configuration file of your web app software. If some one access this configuration file, he will get details of your database username & password. You can imagine the consequences. To avoid such exploits, we always advice you to hide the contents inside a root directory (whether its of the home domain or a sub domain).


There are more than one solutions to fix this vulnerability. The easy and most popular one is to hide folders & files by uploading an empty index.html file inside the root directory.

Solution #1 – Add an empty Index.html file in the root directory

This is a simple and easy solution which can fix the problem. All you need to do is create an empty file and name it index.html. Now upload this file to root directory via FTP. In this way you can hide all folders & files inside a root directory from external access.

You can create an HTML file within your web FTP client as well. I have added 2 screenshots which will give you an overall idea of creating an index.html file from your web FTP client.

STEP 1:- Create  a new file by clicking “New File”

STEP 2:- Name the file with extension as “index.html”

STEP 3:- Hit the button “Create New File”

That’s it and you are done!

How to Hide Folders & Files Inside a Root Web Directory
Creating a new HTML file

The outcome of above steps will be a new 0 KB index.html file residing in your root directory. A screenshot of the same is given below.

Hiding Folders & Files inside Root Web Directory

Now you are done! You have successfully hidden those folders & files inside your root directory from the external world. You can test the same by loading your URI in any browser.

I will be updating this article with other possible solutions soon. Keep tuned.

About the author

Jojo Joson

Add comment