#TIL : Prevent source hacking from .git directory exposing

01 Mar 2018 / by KhanhIceTea

Many web project use Git as source version control tools. So in production
server, we could expose the hidden .git directory - which contains all most
infomation about project source code.

To "rip" a source code from a vulnerable website, we can use this tool : https://github.com/kost/dvcs-ripper#git

So to prevent this happens, try to deny all http access to hidden files and
directories (usually starts by . character)

Example of Nginx config

location ~ /\. {
    deny all;
}

Sound good ?

0 kudos, click the star if you think this post is value !

#TIL : Storing master key inside MacOS keychain

#TIL : Run multiple AlpineJS inits and effects on same element

til • 30 Sep 2024

#TIL : Run multiple AlpineJS inits and effects on same element

#TIL : HTML Form no trigger submit when press Enter key on input

til • 19 Sep 2024

#TIL : HTML Form no trigger submit when press Enter key on input

#TIL : Using Curl to check downtime and ssl cert expiration

til • 10 Aug 2024