[nycphp-talk] Webserver file access (and version control)
chsnyder at gmail.com
Mon Aug 20 15:45:59 EDT 2007
On 8/18/07, Cliff Hirsch <cliff at pinestream.com> wrote:
> Are there any issues related to having the version control hidden files and
> folders on a production site? Does the Subversion .svn folder need to be
> protected on a production site? Is the best practice to do ongoing updates
> on a production site using version control or to export specific tagged
> versions to a production site (which would remove al the version control
> specific hidden files)?
Hey, nice catch Cliff.
Deny from all
Convenience over security can come back to bite you, I guess.
To reiterate the point, if you use subversion to manage web
directories, you need to make sure that the .svn metadata will not be
served by apache.
More information about the talk