Of course... php app. My bad. Use a .htaccess to not allow access to the .git folder on the server, or something similar to that.
Cam On 20/01/2010, at 4:57 PM, Ben Hoskings wrote: > Hi Terj, > > That's not a problem for ruby apps, because the convention is to set the > DocumentRoot to a subdirectory within the project. For example, I deploy > rails apps to their own user account, at ~/current. That's a git repo, so > there's a ~/current/.git directory. But then, the DocumentRoot is > ~/current/public, so nothing outside that directory is accessible to http > clients. > > Capistrano does something similar, where ~/current is a symlink to > ~/releases/<timestamp>, so the contents of the directory are the same. > > It all depends on how you structure your app. I have no idea about PHP apps, > I've never written any PHP, but that's how we do it in the rails world. :) > > —ben_h > > > On Wed, Jan 20, 2010 at 4:47 PM, Terj <[email protected]> wrote: > Hello, > > I have a quick question regarding deployment with Capistrano. We have > a PHP app here which I have capified and deployed from github. I > notice that it is placing the .git folders in my www folder as well > when it is checking out the code from the github repository. Are there > any security risks around having my .git folder in my web accessible > folders? I remember this being an issue that someone faced a while > back where someone got access to their source code by accessing > their .svn files which were in their web root. > > Any help and guidance would be much appreciated. > > Cheers, > TJ > > -- > You received this message because you are subscribed to the Google Groups > "Ruby or Rails Oceania" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/rails-oceania?hl=en. > > > > > -- > You received this message because you are subscribed to the Google Groups > "Ruby or Rails Oceania" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/rails-oceania?hl=en.--
You received this message because you are subscribed to the Google Groups "Ruby or Rails Oceania" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/rails-oceania?hl=en.
