Apache is a popular web server used by millions of websites and applications. Often web development teams employ git version control system to manage their source code, and set up Apache to directory read files and data from git repository’s directory. Every git repository has a hidden .git directory that stores key information such as index, head, etc. Since Apache reads files from git repository’s folder, it is possible that Apache server ends up serving contents of .git directory. But .git directory is required only for repo management and it should not be visible via your website’s URLs. So you need to prevent Apache from serving .git directory. In this article, we will learn how to prevent Apache from serving .git directory. You can use it to block access to .git directory.
How to Prevent Apache from Serving .git Directory
To proceed with the following steps, you need to open .htaccess file of your Apache server. If you have not set up mod_rewrite/.htaccess on your Apache server yet, then follow step # 1 below, else skip to step #2.
1. Enable mod_rewrite
If you have already enabled mod_rewrite on your Apache server, you can skip this step. Otherwise, run the following commands as per your Linux distribution.
$ sudo a2enmod rewrite
Open Apache configuration file in a text editor.
$ sudo vi /etc/apache2/httpd.conf OR $ sudo vi /etc/httpd/httpd.conf
Look for the following line.
#LoadModule rewrite_module modules/mod_rewrite.so
Uncomment it by removing # at its beginning. If you don’t find this line, add it afresh.
Also look for the following Directory tag and change AllowOverride from None to All.
. . .
. . .
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
. . .
. . .
2. Open .htaccess file
Open terminal and run the following command to open .htaccess file in your website’s root folder. If your website root is located somewhere else, then please update the file path below as per your requirement.
$ sudo vi /var/www/html/.htaccess
3. Prevent .git directory
Add the following lines to prevent .git directory from being served.
<Directorymatch "^/.*/\.git/"> Order 'deny,allow' Deny from all </Directorymatch>
Save and close the file. The above code matches all URLs where directory name starts with ‘.git’ and blocks it, by returning 403 Access Forbidden response.
Alternatively, you can also add the following RedirectMatch directive to match and block URLs starting with .git. You can use response code as 404 (Page Not Found) or 403 (Access Forbidden) as per your requirement.
RedirectMatch 404 /\.git
4. Restart Apache Server
Restart Apache server to apply changes.
$ sudo service apache2 restart
In this article, we have learnt how to prevent apache from serving .git directory. It can be used to block access to .git directory.
How to Check if String is Substring of Items in List
How to Check if Column is Empty or Null in MySQL
How to Modify MySQL Column to Allow Null
How to Schedule Multiple Cron Jobs in One Crontab
How to POST JSON Data in Python