[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Hidding .svn directories on Apache

From: Ryan Schmidt <subversion-2006d_at_ryandesign.com>
Date: 2006-11-30 22:31:07 CET

On Nov 30, 2006, at 14:09, Ronan Lucio wrote:

> As I have the website as a workcopy of the repository, it have
> a .svn diretory for each directory/subdirectory in the struct.
>
> Intending to secure the application and the server Iīd like that
> those folders arenīt accessible via browser.
>
> So, I follow the Subversion FAQ and put the lines
>
> <DirectoryMatch "^/.*/\.svn/">
> Order deny,allow
> Deny from all
> </DirectoryMatch>
>
> in the /etc/httpd/conf.d/subversion.conf file that is included
> by the httpd.conf file.
>
> But it isnīt working. I still can browser the directories.

This is what I use:

RedirectMatch 404 .*/\.svn(/|$)

I believe I used to use this:

<Files ".svn">
        Order allow,deny
        Deny from all
</Files>
<DirectoryMatch "/\.svn/">
        Order allow,deny
        Deny from all
</DirectoryMatch>

However, that returns a 403 error to the client, which conveys the
information to the visitor that these items do indeed exist but that
they are not allowed to see them. I prefer to use the RedirectMatch
command to return a 404 code so that the items genuinely appear not
to exist. 

-- 
To reply to the mailing list, use your mailer's Reply To All function
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Nov 30 22:32:49 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.