Protecting SVN metadata folders on a web server

I recently changed my WordPress install over to an SVN checkout in order to get rid of the tedious steps required to upgrade every time a new version is released.

Thankfully, following the well-written guide on the WordPress.org Codex was easy and straightforward – both for changing this existing installation over to SVN and for setting up a new blog for RunTrackr. I now look forward to updates, just so I can relish in the ease of upgrading. 🙂

SVN is a powerful tool (I use it both at work and for personal projects) and is a great SCM tool for small-to-medium sized projects. The command-line tool is easy to use, and for Windows, the great TortoiseSVN tool can’t be beat. (It integrates nicely with the Windows explorer and is compatible with the Eclipse Subclipse SVN integration plugin) Additionally, the integrated Apache HTTP server lends itself nicely to many web-based applications that not only enable browsing but also form the basis for some remote backup/file-sharing/synchronizing services out there.

One thing you’ll probably want to do after switching WordPress (or any web application) to a SVN checkout is to protect the .svn metadata folders from public access. These folders are used by the Subversion client to keep track of changes and determine what files need to be updated when getting the latest versions. They also contain information about what SVN server you are using – in some cases you don’t want to reveal these details, and in any case it’s always best practice to deny access to anything except for that which you explicitly want to make public.

Doing this is fairly straightforward with Apache. All you need to do is edit your .htaccess file in the root of your web directory. Add an entry like this:

# SVN metadata folder protection.
<IfModule mod_rewrite.c>
  RewriteRule ^(.*/)?\.svn/ - [F,L]
</IfModule>

This works for me, though some have used other regular expressions to accomplish the same task.

Comments for this entry are closed

But feel free to indulge in some introspective thought.