Security: Deny access to .hg/* via mod_rewrite

Question

My website is a mercurial repository with multiple subrepositories. I need to make sure I\'m denying access to all files in every .hg directory on the server.

For exampl

Answer 1

You always have the possibility to place .htaccess files in these folders and deny all access within the Folder.

I'm assuming you want a solution, where you don't have to put the .htaccess files in every folder and subfolder?

Try the following (assuming you have ssh access to the webserver):

• Change into the DocumentRoot of your site
• create a .htaccess file

Content:

Order deny, allow
Deny from all

• Execute the following command:

  find . -type d -name .hg -exec cp ./.htaccess {} \;

• Afterwards delete the .htaccess file from your document root again