Deny access to .svn folders on Apache

svn apache deployment capistrano
csexton picture csexton · Dec 29, 2008 · Viewed 33.7k times · Source

We have a rails application in subversion that we deploy with Capistrano but have noticed that we can access the files in '/.svn', which presents a security concern.

I wanted to know what the best way to do this. A few ideas:

  • Global Apache configuration to deny access
  • Adding .htaccess files in the public folder and all subfolders
  • Cap task that changes the permissions

I don't really like the idea of deleting the folders or using svn export, since I would like to keep the 'svn info' around.

Answer

Vinko Vrsalovic picture Vinko Vrsalovic · Dec 29, 2008

The best option is to use Apache configuration.

Using htaccess or global configuration depends mainly on if you control your server.

If you do, you can use something like

<DirectoryMatch .*\.svn/.*>
    Deny From All
</DirectoryMatch>

If you don't, you can do something similar in .htaccess files with FilesMatch

Related questions

SVN Error E175002 while checking out code from repository

While trying to checkout code from a repository online I got the following error: E175002: REPORT of '/repos/xxx/!svn/vcc/default' I am trying to checkout the code from a remote computer.

Read More
SVN error running context: An existing connection was forcibly closed by the remote host

I've created an SVN repo on my Debian Wheezy build server following this tutorial. svn --version gives 1.6.17. Sadly, I can't commit anymore to the repo from my Windows 7 machine; it fails with the following error message: Transmitting file data .svn: …

Read More
Ubuntu + SVN: Could not open the requested SVN filesystem

I'm aware this question has been asked a lot of times. I believe I understand the answers, but I still had no luck. I tried both one repo and multiple repos configurations, having the same issue for both of them. …

Read More