PSA: .git directory should not be public.


Ideally the .git directory is not in production to begin with. as it is not needed to run an application. However, many deployment strategies use Git to move code changes onto a machine. If this is the case for your application; please, please, please do not allow .git to be accessible by the public. This situation is a MAJOR security risk. It could lead directly to a security breach.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.