lucy24 - 9:04 pm on Mar 13, 2013 (gmt 0)
They used to have a default deny on the browsing of directories...
The single line phranque quoted will fix this. The setting
is inherited from top to bottom. So anything you say in your main htaccess file will apply to your entire site. If you want some directories to behave differently, just pop a one-line htaccess file in those.
Your hosts may have changed their minds about which setting to use in the beginning, or they may simply have forgotten to include the line after upgrading. The default in 2.2 and 2.4 is +Indexes. If you want -Indexes you have to say so explicitly. This did not change between 2.2 and 2.4. (I looked it up right now.) If the host has only just upgraded from 1.3 to 2.x I do not want to hear about it ;)
Now, the host's config file should absolutely have a line that makes files with leading . dot invisible to everyone, everywhere, both in directory listings and in browsing. It's not clear from your initial post whether people can now see the .htaccess file in one or both of these situations. If yes, change hosts yesterday. This would be a VAST security hole.
And if you are saying that your own
line is being ignored, it is also time to change hosts. "Options" is a separate override that can be enabled even if you're on low-budget hosting that won't let you do other basic things like redirecting.
EXCEPTION: ymmv, but in my setup I can't have the
line in the htaccess for my shared userspace (three domains). It has to go separately in each domain.