[ervion]

I don't want to let visitors list my directories. When visitors try to list directory, they should land on custom site, that says, that "directory listing is not allowed and blah-blah", or if this is absolutely impossible, then I want them to land on my custom 404.

With "Options –Indexes" in .htaccess, when someone tries to list directory, they see http://error404.000webhost.com/, instead of my custom error page(when mistyping address, custom 404 works). And I totally do not want visitors to see that page.

With "IndexIgnore *" visitors see simply "Index of ...", and I dont want them to see that either.

I found somewhere that:
"Options +Indexes
IndexOptions +SuppressHTMLPreamble
IndexIgnore *
HeaderName /includes/header.html
ReadmeName /includes/readme.html"
where my custom content would be in header.html
BUT for some reason header wasnt working, and i stil got simply "Index of ..."
Are headers disabled? Or what am I doing wrong?

So, could anyone point me directions how to make it work?

[ShocK]

You could put an index.html file in each directory you don't want to be viewed with whatever you want in that file. Or just a blank index.html file.

[Doug Lochert]

Alternatively, you could place an .htaccess in each directory you wish to be protected with the following lines:

allow from localhost
deny from All

And then edit the .htaccess within your parent directory (public_html) to include the following line:

ErrorDocument 403 /error.php

*Where error.php is your custom error file

[rs3511]

Better yet, get a CMS like Joomla or Wordpress. Most directory level security is already built into the core software.