© 2013 All rights reserved.

Safe repository. Hack SVN (GIT hack)

If you are using for your website any repository system, beware how you do deploy the web.

A simple example of the abuse

(a example for SVN system – works the same for GIT)

1. open google and search for the:


git repo


2. open any link and find the file with name “entries”


git repo


3. found in the file path to the repository


git repo


4. open your SVN client and download this repository


git repo


5. you have the entire contents of the repository


git repo


Of course, the repository can be password-protected or otherwise secured, but also in this case it is a risk.

Securing Apache

Server settings:

Generates a 403 Forbidden page, and will not allow viewing svn directory structure.

Alternatively, you can disable this in the htaccess file:


The best solution is delete a .svn directories to the public or not copy at public webspace.

Comments are closed for this page

Hi, i am programmer from the Czech Republic. I love web development (Ruby, Ruby on Rails, PHP, Nette) and iOS development (Objective-C, Cocoa).
To cooperate, here is my phone:
+420 608 836