Task #68626
closed
Disallow access to vcs directories
100%
Description
Disallow access to .git and .svn directories.
Some background:
http://www.jamiembrown.com/blog/one-in-every-600-websites-has-git-exposed/
http://www.golem.de/news/websicherheit-riskante-git-verzeichnisse-1507-115476.html
Updated by Philipp Gampe over 9 years ago
- Status changed from In Progress to Rejected
Cannot be solved because DirectoryMatch is not allowed in .htaccess context. A corresponding deny rule via mod_require is already place, blocking all access to files and folders staring with a dot, including .git/ and .svn/.
Because of the limitation of the apache webserver nothing further can be done.
Updated by Philipp Gampe over 9 years ago
- Status changed from Rejected to In Progress
Can be archived by mod_alias and RedirectMatch.
Updated by Gerrit Code Review over 9 years ago
- Status changed from In Progress to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/42100
Updated by Gerrit Code Review over 9 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/42100
Updated by Gerrit Code Review over 9 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/42100
Updated by Gerrit Code Review over 9 years ago
Patch set 1 for branch TYPO3_6-2 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/42152
Updated by Philipp Gampe over 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 231fecfea95aec4f71f9e4c82641a8d38b1bdc8b.
Updated by