By default Amazon’s AMI allows directory listings for your website. In WordPress this exposes you /wp-content/uploads folder to the web. Not a big deal but could be a security risk if you upload anything sensitive to your site for some reason. You need to change the default httpd.conf file:
sudo nano /etc/httpd/conf/httpd.conf
Change the following line:
Options Indexes FollowSymLinks
as shown below (I’ve left the original line commented out)
# Further relax access to the default document root:
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# for more information.
#Options Indexes FollowSymLinks
Restart your webserver:
sudo service httpd restart