operations
operations copied to clipboard
Ensure .git folders are not accessiable via web server
A few of our site are checked out from git and and the .git
folder is publicly accessiable.
While all sites git repos code is likely public and the exposed .git
folder would not be private data, it would be best practice to lock down access:
- To reduce chance of accidentially exposing data which is checked into git working copies.
- To stop false positive alerts from security scanning which find the
.git
folder exposed.