csexton csexton - 1 year ago 216
Apache Configuration Question

Deny access to .svn folders on Apache

We have a rails application in subversion that we deploy with Capistrano but have noticed that we can access the files in '/.svn', which presents a security concern.

I wanted to know what the best way to do this. A few ideas:


  • Global Apache configuration to deny access

  • Adding .htaccess files in the public folder and all subfolders

  • Cap task that changes the permissions



I don't really like the idea of deleting the folders or using svn export, since I would like to keep the 'svn info' around.

Answer Source

The best option is to use Apache configuration.

Using htaccess or global configuration depends mainly on if you control your server.

If you do, you can use something like

<DirectoryMatch .*\.svn/.*>
    Deny From All
</DirectoryMatch>

If you don't, you can do something similar in .htaccess files with FilesMatch

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download