Subversion security
What's the best practice for setting up a secure subversion server? We are currently using visualsvn server with active directory implementation and https. Now we want to provide connectivity from outside the firewall. what is this security risk? is it possible to prevent brute force attacks to enter?
hello Roland
source to share
If you are using Active Directory Authentication - I have to hope that the brute force attack will be thwarted by the regular windows system to lock out accounts that have had too many password failures.
What kind of access do you provide through the firewall? If it's developer access (work from home), you can use a VPN. If it's read-only, you might consider hosting a mirror instead of the main server.
source to share
I have used apache with mod_dav_svn. The VisualSVN server uses Apache. You will have no problem working with the VisualSVN client. Then, you can secure the SVN like any other web resource. You can even use SSL. This assumes basic auth. You can use anything, including LDAP and ActiveDirectory for authorization.
<Location /svn>
DAV svn
SVNParentPath /usr/local/svn
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /etc/svn-auth-file
Require valid-user
</Location>
More details here
source to share