Ping a Specific Port

Question

mnml

Asked: 2009-09-28 15:35:45 +0800 CST2009-09-28 15:35:45 +0800 CST 2009-09-28 15:35:45 +0800 CST

Secure .svn folders

772

I would like to know if it's unsecure to leave the .svn folders accessible to anyone on a webserver

eg. : http://yoursite.com/.svn/

if not what's the best way to secure these?

2 Answers

Voted

adric · Answer 1 · 2009-09-28T18:06:08+08:00

Best Answer

adric

2009-09-28T18:06:08+08:002009-09-28T18:06:08+08:00

SVN export is a better answer for most people. Metadata leaks could be problematic in some cases, but if anyone was really surprised by them they didn't read the fine manual and should be scolded. For the rest, I'm using this in .htaccess and it seems to work okay:

## Need to tell apache2 to ignore .svn ... ?
RedirectMatch 403 /\\.svn(/|$)

5

barfoon · Answer 2 · 2009-09-28T15:38:55+08:00

barfoon

2009-09-28T15:38:55+08:002009-09-28T15:38:55+08:00

This has shown to be a security hole, and hackers have been able to view the source of some sites this way.

Typically for sites in a production environment you should use a svn export instead of a checkout.

4

Secure .svn folders

Ping a Specific Port

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What's the command-line utility in Windows to do a reverse DNS look-up?

How to check if a port is blocked on a Windows machine?

What port should I open to allow remote desktop?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?