by samuellb 5091 days ago
I agree the blog post should warn about it - but it can be perfectly secure if you do it correctly. I usually put all public files inside a directory inside the repo, e.g. public_html, and/or block access to dot-files altogether in the server configuration. E.g. in Apache 2:

  <Files ~ "^\.">
      Order allow,deny
      Deny from all
  </Files>
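
An added example, not part of the comment above: a pre-deploy check in Python that lists every file under a document root whose path has a dot-prefixed component, and marks whether a rule matching `^\.` against the file's own name (which is how Apache evaluates `<Files>`) would cover it. The sample tree, file names and function names are constructed for illustration.

```python
import os
import re
import tempfile

# Same pattern as the <Files ~ "^\."> rule in the comment. Apache applies a
# <Files> pattern to the final filename only, not to the directories above it.
DOT_NAME = re.compile(r"^\.")


def audit_docroot(docroot):
    """Return {relative_path: covered} for every file under docroot whose path
    has a dot-prefixed component. covered is True when the file's own name
    starts with a dot, i.e. when a basename-only rule would match it."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(docroot):
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), docroot)
            parts = rel.split(os.sep)
            if any(DOT_NAME.match(p) for p in parts):
                findings["/".join(parts)] = bool(DOT_NAME.match(parts[-1]))
    return findings


def build_sample_tree(root):
    """Constructed sample: a repo checked out directly into the web root."""
    for rel in ("index.html", ".htpasswd", ".git/config",
                ".git/objects/ab/cdef", "public_html/index.html"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("sample\n")


def demo():
    """Audit the whole checkout as docroot, then only its public_html."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        whole_repo = audit_docroot(root)
        public_only = audit_docroot(os.path.join(root, "public_html"))
    return whole_repo, public_only


if __name__ == "__main__":
    whole_repo, public_only = demo()
    for path, covered in sorted(whole_repo.items()):
        label = "covered by basename rule:   " if covered else "needs directory-level rule: "
        print(label + path)
    print("dot-paths with public_html as docroot:", public_only)
```

Files reported as not covered, such as those inside a `.git` directory, need a directory-level rule or must sit outside the document root, as with the `public_html` layout.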