Hacker News new | ask | show | jobs
by unsane1 5729 days ago
Goodness, I hope all the people using SVN to deploy are making sure that they're taking care of the .svn directories and the resulting security issues.
1 comments
JonnieCache 5729 days ago
I assume they're `svn export`ing rather than `svn checkout`ing.
link
unsane1 5729 days ago
Yet I see at least one reference to `svn update`

I'm scurred.

link
gregjor 5729 days ago
Read the whole comment. It's easy to configure Apache or whatever HTTP server you're using to not serve anything in .svn directories. Duh.
link
bradleyland 5729 days ago
Don't be afraid, just configure your Apache server correctly and you'll be fine.

One-liner if you're already using rewrite:

RewriteRule ^(./)?.svn/ - [F,L]

If you're not:

<Directorymatch "^/./.svn/"> Order deny,allow Deny from all </Directorymatch>

link