I have implemented a private git server over http using the git documentation and added a few users.
The problem is that it allows me to clone or pull without authentication it only asks for user and pass when I make a push.
Asked
Active
Viewed 113 times
1 Answers
1
The documentation link only restricts pushes because it looks for git-receive-pack, which is the push code. git-upload-pack is the clone and fetch code (the names refer to the server's activity).
If you want to restrict all access, remove the line which looks like this:
Require expr !(%{QUERY_STRING} -strmatch '*service=git-receive-pack*' || %{REQUEST_URI} =~ m#/git-receive-pack$#)
bk2204
- 64,793
- 6
- 84
- 100