Home/ Questions/Q 8889453
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T22:16:03+00:00

Reading all the tutorials and articles on the internet. As a simple workflow, I

  • 0

Reading all the tutorials and articles on the internet. As a simple workflow, I have understood that we can create a bare repository on our live server and push updates to it from the local repo etc.

My question and concern is that since the live server will also be a Git repo and it would have the .git folder, Wouldn’t that be a security problem? How to prevent access to it?

Update

Suppose my live folder on server is /www and I can access it from the browser http://myserver.com so I can also access http://myserver.com/.git/HEAD ??? How to prevent it?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You may want to consider separating the repository and the working tree.

    For example, somewhere outside of the folder served by your Web server, run git init --bare. Then replace the config file in this directory with the following (where /path/to/web/root is the path where the files should be placed).

    [core]
    repositoryformatversion = 0
    filemode = true
    bare = false
    worktree = /path/to/web/root
[receive]
    denycurrentbranch = ignore

    Finally add hooks/post-receive with the following contents and mark it executable

    #!/bin/sh
git checkout -f

    Now whenever you push to the repository, the files will be checked out into the correct location and you never have to worry about the repository accidentally being served up.

    • 0