The admin/backups/ directory contains database backup files created by Administration Tool -> Tools -> Database Backup.
It is important that Directory Listing is disabled for this directory in the web server configration to prevent unauthorized access and snooping of the contents in the directory.
After applying the following configuration, confirm the change by accessing the admin/backups/ directory with your browser. If you receive a Forbidden 403 error page, the configuration was applied successfully. If you receive an Internal Server 500 error page, undo the changes performed and contact your hosting provider or visit our support page for further help.
Create or edit the following file and add the following rule:
admin/backups/.htaccess
Options -Indexes
Create or edit the following file and add the following rule:
admin/backups/web.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<directoryBrowse enabled="false" />
</system.webServer>
</configuration>
In the server configuration, add the autoindex directive to the location block with the correct directory location:
server {
...
location /admin/backups/ {
autoindex off;
}
}