When you use GIT in order to deploy your website on an Apache web server, in everybody can access to the .git subfolder. Which means that it’s possible to get your source code (even passwords…).
Create a file name /etc/apache2/conf.d/denyGIT
# do not allow .git version control files to be issued
Deny from all
<Files ~ "^\.git">
Deny from all
I’m preparing an IPv6 server to host all my projects. It’s so nice to start with a clean one.
First thing, I’ll use Apache2 with his wonderful Mass Virtual Hosting.
This will allow me to create a new web site named www.newwebsite.com only by creating the following directory : /home/hosts/www.newwebsite.com/
Nice isn’t it ?
I’m following this article: http://httpd.apache.org/docs/2.0/vhosts/mass.html
Here are all the command I used for Mass Hosting on Debian Etch:
root@strange:/etc/apache2/mods-enabled# ln -s ../mods-available/vhost_alias.load
mkdir /home/websites/www.example.com/online (for my online files)
mkdir /home/websites/www.example.com/offline (where I keep documents about the website)
Then I just replaced the content of /etc/apache2/sites-enabled/000-default by:
# get the server name from the Host: header
# this log format can be split per-virtual-host based on the first field
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog /var/log/apache2/access_log vcommon
# include the server name in the filenames used to satisfy requests
Here we are… just have to configure www.example.com’s IP
Next step : SVN Server. I’ll keep a backup of every versions of my projects…