To disable directory browsing all you have to do is drop in a blank index.html file into the wp-content\uploads directory, each subsequent sub-directory also would need a blank index file, there are plugins that can automatically do this for you.
ps. Get a better host, there is no reason they should disallow you having your own .htaccess files.
Related Posts:
- File and directory permissions
- Improve wordpress security by hiding non public resources
- Does this .htaccess security setting really work?
- Place static HTML files in path below WordPress page
- .htaccess for wordpress inside another wordpress install
- Isolating WordPress to a subfolder
- Permalinks not working on second wordpress installed in a subdirect
- Move wordpress to folder without changing urls
- Change wp-content without changing the name of the folder
- Using “wordpress_logged_in” to restrict direct access to uploads folder in 2021
- How to restrict access to wp-content, wp-includes and all sub-folders
- WordPress URL/Folder ReWrite using Htaccess
- Which WordPress scripts need to be executable for a fresh installation?
- Redirect main domain to subdirectory
- Blocking access to wp-login via htaccess not working
- Exclude subfolder from WP-redirect works with html but not php files
- Attach to wp-login.php and xmlrpc.php
- XMLRPC filtering through htaccess not working
- Restricting user login by IP address
- Can’t Access Subdirectory
- WordPress: Adding Security
- Fixing custom 404 pages broken by WordPress in a subdirectory
- WP install in sub-dir white screen
- How do I test to ensure that my wp-config file is protected?
- WordPress not seeing .htaccess rules
- Drawbacks to using Options -Indexes
- WordPress installed in root, need second in subdirectory with different domain
- Rules in .htaccess only if the requested URL is /wp-admin
- htaccess, site and staging in subdirectories
- External content won’t load in iframe in Safari
- I have a page using a pretty url and a mod_rewrite rule matching it. I expected it to give an error but it’s working. Why?
- Strange behaviour of is_user_logged_in() and get_current_user_id()
- Creating a copy of a website in a subdirectory, wp-admin redirect problem
- Access sub-domain when root public_html is protected with .htaccess password
- Cannot access subdirectory subpages
- Selectively Disabling PHP via .htaccess in Root Directory
- How to execute WordPress as though it is in the root folder while it is installed in a subdirectory?
- WP Codex answer incomplete? Put WP in subdirectory. .htaccess change required
- Should I prevent access to .htaccess and wp-config.php files?
- Blocking wp-login in HTACCESS has also blocked password protected pages
- Basic Auth .htaccess on wp-login, but allow logout from woocommerce
- Using htaccess to prevent spam through wp-comments-post.php
- Install second wordpress in root subfolder, Error 404
- Remove subdirectory from links
- How to properly give WordPress its own directory
- htaccess- to hide subdirectory slug only from the post
- How to direct users to a subcatalog
- Installing wordpress on subdirectory 2 levels down
- Cannot Override WordPress 404 for a Sub-Directory
- htaccess mod_rewrite not working
- How can I create a private site that is inaccessible from the outside?
- .htaccess and virtual host configuration for WP in its own directory
- Giving WordPress it’s own directory and using .htaccess Directory Index
- Restrict Content for only Contributors via .htaccess
- Allowing access to certain WordPress created pages or posts with htaccess / htpasswd
- Security headers disappear on WordPress pages
- Why is this line of code Wrong in every WordPress .Htaccess security article?
- How to redirect all HTTP requests to HTTPS
- Best collection of code for your .htaccess file [closed]
- Cannot access non-wordpress subdirectories as wordpress overrides them with a 404 error
- Moving a WP Multisite to a subdirectory
- Default .htaccess file for WordPress?
- Which one does WordPress prioritize when it comes to php.ini, wp-config and .htaccess?
- Security and .htaccess
- WordPress site hacked. Has .htaccess been hacked?
- htaccess problem after saving Settings
- Protecting direct access to PDF and ZIP unless user logged in (without plugin)
- Stop WordPress and Plugins from Overwriting .htaccess
- Move WordPress to subdirectory, keep ALL URLs
- Change Login URL Without Plugin
- htaccess disable WordPress rewrite rules for folder and its contents
- htaccess rewrite conflict with wordpress rules and ssl
- Non-WordPress page in subdirectory under WordPress page
- htaccess https redirect from www to non-www
- What does a security risk in a plugin look like?
- Permalink Issues by Installing WordPress in Subdirectory / Subfolder
- Htaccess for Wordpess set on single subdomain
- Securing wp-admin folder – Purpose? Importance?
- adding rewrite rules in .htaccess
- .htaccess and 500 error, extra character added
- WordPress .htaccess subdirectory problem
- Name-based virtual host configuration in Apache seems to cause a “500 Internal Server Error”
- Site redirects to wrong url when saving settings
- How to get WordPress to save upload file beyond web root [closed]
- Static raw HTML page
- WordPress + Magento .htaccess ReWriteRule Issue (www vs. non-www)
- Plugin to edit htaccess file
- htaccess rewrite for author query string when WP is in subfolder
- Why “Settings->Permalinks” creates .htaccess file on nginx server?
- .htaccess file redirecting to parent directory
- WordPress in sub directory wp-admin problem
- Blog.php or how to display recent posts?
- Options for restricting access to wp-admin
- Rewrite /?rest_route=/ link to /wp-json/ without changing default permalink structure in apache
- Globally force SSL on all pages
- Serve apache 404 for missing assets rather then wp 404 template WP_Rewrites
- Remove year and month in URL using .htaccess
- index.php not loading in main folder of wordpress
- Admin-Ajax.php, SSL, Non-SSL
- How to Block Access to Standard Login Flow and Comment Flow