[nycphp-talk] Webserver file access (and version control)

Cliff Hirsch cliff at
Mon Aug 20 15:59:59 EDT 2007

> Hey, nice catch Cliff.
> <DirectoryMatch "^/.*/\.svn">
>     Order allow,deny
>     Deny from all
> </DirectoryMatch>
> Convenience over security can come back to bite you, I guess.
> To reiterate the point, if you use subversion to manage web
> directories, you need to make sure that the .svn metadata will not be
> served by apache.

Convenience sure makes me want to use this approach. And you could even
update the production "working copy" to a specific branch or tag, not just
the main trunk.'s still an update and conflicts would be a bear to
deal with in a production environment. Although there shouldn't be any
conflicts if the prod. Working copy isn't touched.

More information about the talk mailing list