Recently I got an automated email from reporter at repo-lookout.org warning of an exposed git repo on one of our sites. According to this,
https://iosentrix.com/blog/git-source-code-disclosure-vulnerability/
I fixed it using the method for Apache 2.4
<DirectoryMatch "^/.*/\.git/">
Require all denied
</DirectoryMatch>
No comments:
Post a Comment