Securing the Environment

Once everything is setup,  you’ll want to make sure that the “.git” directory isn’t directly accessible to the public (especially if using the HTTPS method to push). You can do this with Apache by adding the following .htaccess file to your .git directory:

content: Deny from all

If you initialized the repository through Revisr, Revisr will automatically add the above .htaccess file.

If your repository is using a “.gitignore” file, depending on the contents you may not want the file to be accessible. You can prevent direct access to the “.gitignore” file with the following code added to your .htaccess:

<Files .gitignore>
Order Allow,Deny
Deny from all
Last updated on January 13, 2017