How do you hide .git project directories?
RegexGitNginxRegex Problem Overview
Now that I have nginx setup I need to be able to hide my .git
directories. What kind of rewrite would I need to stop prying eyes? And where in the server {}
or http {}
block would it go?
Regex Solutions
Solution 1 - Regex
http {
server {
location ~ /\.git {
deny all;
}
}
}
This location
directive will deny access to any .git
directory in any subdirectory.
Note: This location block must be before your main location block, so that it can be evaluated first.
Solution 2 - Regex
Hidden directories and files should never be web accessible. The general answer to your question is:
location ~ /\. { return 403; }
This denies access to .git, .svn, .htaccess and similar files in any subdirectory.
Solution 3 - Regex
With other solutions I could download /.git/config
and others, just /.git
was protected. This one denies everything starting with a dot, regardless how deep the requested URL is:
location ~ /\.(.*)/?(.*)? {
return 404;
}
Solution 4 - Regex
This will prevent someone from hitting the http://example.com/.git but if your working in a subdirectory like this http://example.com/example/.git it will fail. You really need:
location ~ .*/\.git {
deny all;
}