When you use SVN to deploy your website on the apache server, in each folder everybody can access to the .svn subfolders. So it’s possible to get your code (even passwords…).
2 solutions can be used in the Apache config file :
<Files ".svn">
Order allow,deny
Deny from all
</Files>
<DirectoryMatch "/\.svn/">
Order allow,deny
Deny from all
</DirectoryMatch>
or
RedirectMatch 404 /\.svn(/|$)
I added the 2nd solution to my apache.conf and it works fine.
I fould them on http://www.subversionary.org/martintomes/preventing-access-to-svn-folders-in-apache
But if you are not the admin of your web server, you can just use a .htaccess file like that :
RewriteRule ^(.*/)?\.svn/ - [F,L] ErrorDocument 403 "Accès interdit
I found this last line in http://maestric.com/fr/doc/programming/subversion
0 réponse ↓
There are no comments yet...Kick things off by filling out the form below.
Laissez un Commentaire