If you want to disable /webmail for just one domain (for example), one way to do that is to change the Aliases to be within the VirtualHosts instead of 1 global Alias.
To do that, we’ll need to use the virtual_host2.conf template (for apache 2) and use the custom httpd config settings, found in the Admin Level. This guide assumes you’re using apache 2 with custombuild.
1) Setup the custom template so it’s safe from DA updates:

cd /usr/local/directadmin/data/templates/custom
cp ../virtual_host2.conf .

2) Edit the copied virtual_host2.conf file, and insert the following at the top of the file:

|?WEBMAIL=ON|

Then just below the token that says |CUSTOM| (in the same file) add:

|*if WEBMAIL="ON"|
Alias /webmail /var/www/html/webmail/
|*endif|

3) Go to:
Admin Level -> Custom httpd config -> domain.com
In the textarea at the top, insert this one line:

|?WEBMAIL=OFF|

which will shut off webmail for just that one domain.
4) Remove the global Alias from the /etc/httpd/conf/extra/httpd-aliases.conf file.
5) Issue a full user httpd.conf rewrite, then restart apache.

echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq d
/etc/init.d/httpd restart

Create an .htaccess file in your public_html directory with the following code:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?domain.com.*$ [NC]
RewriteRule .(gif|jpg)$ – [F]

Where domain.com is your domain.

If you want to list all files in a directory that doesn’t use an index.html (or index.php) file, you can create an .htaccess file with the following contents:

Options +Indexes

This will tell apache that you want to list all files in the directory.

You can check the current version of apache by running

httpd -v

If you wish to update your 1.3 version of apache to the most recent, run the following:

cd /usr/local/directadmin/customapache
./build clean
./build update
./build apache_mod_ssl

If you’re using apache 2.x, use "./build apache_2" instead of apache_mod_ssl.
This should update both the configure options and the version of apache to the most recent version. Once the update has completed, you’ll need to restart apache:
RedHat:

/sbin/service httpd restart

FreeBSD:

/usr/local/etc/rc.d/httpd restart

To disable the SSL2.0 protocol (thus forcing 3.0),
for apache 1.3, find the line:

#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

and change it to:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL

Note the 2 changes: a) remove the # character at the beginning of the line, and b) change +SSLv2 to !SSLv2

For apache 2.x, do the same thing, but instead it will be in the /etc/httpd/conf/ssl.conf file, or for the new apache system, /etc/httpd/conf/extra/httpd-ssl.conf (if you have both files, just change it in both).