diff --git a/.gitignore b/.gitignore
index 2782f677e9e02bdac2c02e1a51491c6f049beeb5..df83b61efeb89e30f1250912244c01fd643e4a73 100644
--- a/.gitignore
+++ b/.gitignore
@@ -134,11 +134,16 @@ node_modules
 
 # public folder
 public/*
+!public/media
 !public/.htaccess
 !public/favicon.ico
 !public/index.php
 !public/robots.txt
 
+# public media folder
+public/media/*
+!public/media/index.html
+
 #-------------------------
 # Docker volumes
 #-------------------------
diff --git a/public/media/index.html b/public/media/index.html
new file mode 100644
index 0000000000000000000000000000000000000000..eebf8ecb2b2bdf794e1a23e04bc129e3aaacaeb4
--- /dev/null
+++ b/public/media/index.html
@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>403 Forbidden</title>
+  </head>
+  <body>
+    <p>Directory access is forbidden.</p>
+  </body>
+</html>