Use .htaccess to Stop People From Viewing Files in a Directory.

Open the directory with your favorite FTP client – unless you’re local and can just navigate to the directory.

Add a file called .htaccess. The ‘.’ is important and mandatory.

The permissions for .htaccess should be 644.

Edit the .htaccess file with a plain-text editor (don’t use a word-processor application) and add the following line:

[code]Options -Indexes[/code]

Save the file.

What this will do is prevent indexing the files in the folder. If people try to access the folder directly, they’ll get a 403 forbidden error.

At the same time, you can still link directly to files in that folder.

So, let’s say you added the .htaccess to a directory called /tmp. You can still link to, use, and send people to /tmp/picture.jpg like normal, but people won’t be able to browse the directory and find files you don’t want them to see.

For more information,  click this.