You are viewing an old revision of this post, from October 27, 2015 @ 16:10:18. See below for differences between this version and the current revision.

How to prevent web access your version control on server

Version control systems/platforms such as Git and Subversion store their metadata in hidden folders. When left open via the web, they could reveal sensitive information such as passwords. This holds true even when directory listing is disabled. --------------------------------------- Solution:

RedirectMatch 404 /\.git

You need to add the above line into your .htaccess or your server config file. It hides any file or directory whose name begins with .git (e.g. a .git directory or .gitignore file) by returning a 404. So not only are the contents of your Git repo hidden, its very existence is hidden too.

Revisions

October 27, 2015 @ 16:10:18 [Current Revision] by admin
October 27, 2015 @ 16:10:18 by admin

Revision Differences

There are no differences between the October 27, 2015 @ 16:10:18 revision and the current revision. (Maybe only post meta information was changed.)

No comments yet.

Leave a Reply Click here to cancel reply.