Bug#548213: Apache should protect .svn directories
Package: apache2.2-common
Version: 2.2.13-1
Usually during Web development when site is checked out from SVN
repository, .svn folder contains site sources, which can be accessed
from the Web in raw form (e.g. http://site.com/dir/.svn/entries). That
can be a potential security hole.
Solution:
Include the following configuration into apache /etc/apache2/apache2.conf:
<Directory ~ ".*\.svn">
Order allow,deny
Deny from all
</Directory>
With best regards,
Dmitry
Reply to: