On 8/18/07, Cliff Hirsch <[EMAIL PROTECTED]> wrote:
>
> Are there any issues related to having the version control hidden files and
> folders on a production site? Does the Subversion .svn folder need to be
> protected on a production site? Is the best practice to do ongoing updates
> on a production site using version control or to export specific tagged
> versions to a production site (which would remove al the version control
> specific hidden files)?
Hey, nice catch Cliff.
<DirectoryMatch "^/.*/\.svn">
Order allow,deny
Deny from all
</DirectoryMatch>
Convenience over security can come back to bite you, I guess.
To reiterate the point, if you use subversion to manage web
directories, you need to make sure that the .svn metadata will not be
served by apache.
--
Chris Snyder
http://chxo.com/
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
