<Location /obcart/index.php>
 Order Deny,Allow
 Deny from All
 Satisfy All
</Location>

RedirectMatch 404 /".svn(/|$)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
This is straight from the mailing list with grateful thanks to Ryan Schmidt.

Sometimes I can be a bit slow so I hadn't even considered blocking access to the .svn folders on this and other sites I maintain. I have now! There are two solutions:

<Files ".svn">



Order allow,deny



Deny from all



</Files>



<DirectoryMatch "/".svn/">



Order allow,deny



Deny from all



</DirectoryMatch>

and:

RedirectMatch 404 /".svn(/|$)

====================================================================================================

Apache Tips & Tricks: Deny access to some folders

Applies: apache 1.3.x / apache 2.0.x
Required apache module: mod_access
Scope: global server configuration, virtual host, directory, .htaccess
Type: security

Description: How to deny access to certain folders and the files inside them.
Useful: to deny access to certain folders containing private information (log files, source code, password files, etc.). The example shown here will address the question posted by Saul Howard on how to deny access to all the subversion directories (.svn).

I a previous tip (Deny access to certain file types) I have showed how we can deny access to files using a particular filename or all the files with a particular extension or any regexp we can match the files. In this post we will block access to folders, so instead of using the <Files> directive we will be using the <Directory> section.

Allow/Deny Directive in <Directory>

Let’s see how we can deny access to all the .svn folders that exist on the server.
In order to achieve this we will add the following configuration lines in the appropriate context (either global config, or vhost/directory, or from .htaccess):

<Directory ~ "".svn">
Order allow,deny
Deny from all
</Directory>
Similar to this we can deny access to other folders we might need…

Note: this will show a Forbidden page (code 403) even if the folder does not exist and it is just called from the browser in the url.
Another way how this can be quickly accomplished is by using a Rewrite rule:

RewriteRule ^(.*/)?"".svn/ - [F,L]

or using a redirect:

RedirectMatch 404 /"".svn(/|$)

(in this last example I am using 404 as the returned code so this looks like the folder doesn’t exist on the server; of course if you prefer you can return 403 - forbidden code).

Go to:
Main page of all my Apache Tips & Tricks