As many users may find that in WordPress some of the folders may be accessed directly if it does not contains an index.php or an index.html file. This issue can cause security problem to the website, if hackers can see the files and other folders in your website. In this case we can restrict the direct access of folders in the website by adding some codes in the .htaccess file.
To do so, please open the .htaccess file in the root folder of your website and add the following code into it.
# directory browsing
Options All -Indexes
If someone has access to your directories they will be able to view all the folders in this directory if you don’t have an index.html or a index.php file. You can stop this with htaccess by adding the above line. This will make sure that you can not browse a directory even if an index file doesn’t exist.