search for: preventing_svn_exposure

Hi all, If you are using Pound / Pen or another load balancer, I believe you should read this: http://blog.teksol.info/articles/2006/08/25/subversion-metadata-exposure-on-mongrel My article refers to Dan Benjamin''s http://hivelogic.com/articles/2006/04/30/preventing_svn_exposure My point is that even though we are preventing Apache from serving anything except a select few file extensions, Mongrel is serving up the files behind the scenes. So, http://myrailsapp.com/.svn/entries exposes Subversion metadata. Go and read the posts, well worth the time: http://blog.teksol.i...