Quick tip: Block .svn directories in nginx

28 January 2009

You might not know that by default, nginx doesn’t block the hidden .svn directories from being served up over the web, whereas Apache normally does by default. This means if you’re using the checkout or cached checkout strategy with Capistrano then you may be exposing information about your application.

There is a quick fix to this, but it took me a while to pin it down exactly. Just make sure that you include this statement somewhere inside your server {} block.

    # Block all svn access
    if ($request_uri ~* ^.*\.svn.*$) {
       return 404;
    }

Comments

Sorry, comments are closed for this article.