Ensuring directory contents can’t be seen
Open the /etc/apache2/apache2.conf file:
sudo nano /etc/apache2/apache2.conf
Find this section:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Options Indexes FollowSymLinks to:
Options -Indexes +FollowSymLinks
So it now looks like this:
<Directory /var/www/>
Options -Indexes +FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Save and close the file. Then, restart the Apache webserver:
sudo systemctl restart apache2
