October 14, 2010

Rails security

By Pablo Ifran

When you are working with svn (pulling your project from the svn to the web server) and you want to deploy a system into production with apache (mod_rails), you must filter the svn folders (to prevent that other users view your svn files).

To do that task, you must add the following lines to the apache configuration.


<DirectoryMatch "^/.*/\.svn/">
ErrorDocument 403 /404.html
Order allow,deny
Deny from all
Satisfy All
</DirectoryMatch>