Access Keys:
Skip to content (Access Key - 0)

Why do I get "Forbidden" when trying to view a directory in my Athena locker over the web?

I had a directory which was publically readable on or When people visit the folder they get an error message instead of seeing an index list of the files.


The error for may say:

403 Forbidden


You don't have permission to access /example/Public/ on this server.

The error for may say:

MIT 403 Error - permission denied

permission denied

You do not have permission to access the requested url, or the server was unable to access the requested file.


In June 2015, there was a change with how the MIT web servers handle folders that have no index.html file. Be default, the MIT web server will no longer show an automatic index listing of your files. If you want the MIT web server to display a list of your files, you can turn on this option using a file with a special "Options line:

  1. create a file named in the folder that should be public.
  2. put a line into the file that says:
    Options +Indexes
required AFS permission "system:anyuser read"
This feature still requires the directory to be readable by "system:anyuser". For more information, please see Who has permission to change files in a locker or website? and How do permissions work in AFS?

Step-by-step instructions for Athena

  1. Login to Athena
  2. At the prompt, navigate to the directory you want to change. For example, to change to your www directory:
    cd ~/www
  3. Create a file if it doesn't already exist
  4. add the line "Options +Indexes"
     echo "Options +Indexes" >>
  5. Test your folder on the web to make sure the behavior is as you intend.

If you have any questions about how to make this change, please contact

Announcement regarding changes

Announcement email

Dear All,

On June 16, 2015, Information Systems & Technology (IS&T) will change
the default behavior of by turning off the automatic
creation of a directory listing for websites.

Previously, if a website did not have an index page, would
automatically generate a list of files and folders within the site that
a visitor would be able to browse.

Disabling this feature aligns with current security best practices to
protect data from accidental exposure.

This change will affect all sites hosted on and in Athena
lockers; no effort is required from individual users.

If you have any questions please email

IS&T Contributions

Documentation and information provided by IS&T staff members

Last Modified:

August 04, 2016

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
olc-afs olc-afs Delete
athena athena Delete
file file Delete
transfer transfer Delete
c-file-transfer c-file-transfer Delete
htaccess htaccess Delete
indexes indexes Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
This product/service is:
Easy to use
Difficult to use

This article is:
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki