On Jul 28, 2011, at 20:27, Andy Canfield wrote:
> On 07/28/2011 09:48 PM, Geoff Hoffman wrote:
>> You can then detect http protocol with a rewrite rule and redirect to https
>> using mod_rewrite in either the vhost container or .htaccess file.
> Where would the .htaccess file be for svn+ssh? There's no directory!
.htaccess is a feature of the Apache web server. It is not applicable to svn or
svn+ssh access, since that uses svnserve and not Apache.
This is more of an Apache issue, but .htaccess files aren't really recommended
for production use. Turn them off in your httpd.conf, and put your
http-to-https redirection rules directly into the httpd.conf.
More directly, the answer to your question of how to prevent someone from
circumventing https and accessing the server via http, is to simply configure
the server to not serve the repository on http at all. Put all your
Subversion-related Apache configuration directives inside an https virtual host
only.
<VirtualHost *:433>
ServerName www.example.com
SSLEngine on
...
<Location /svn>
DAV svn
...
</Location>
</VirtualHost>
