Sam’s Network Simulation Cradle Blog

15 Mar 2008

Upgrading WordPress with SVN

Filed under: General — sammydre @ 5:51 am

One of the recommended ways to upgrade WordPress these days is with SVN. This is a convinient way of updating that is a lot quicker than the previous method. One of the problems with WordPress I’ve found over 4 years of running the software is that it has required many updates — I’ve almost never wanted any additional features, but there always seem to be new security holes. So a quicker way of updating is nice.

One of the things about updating with SVN, which does not appear to be discussed, is that it leaves a plethora of “.svn” directories on your webserver. Stored in these directories is the subversion source control info and backups of the working copy. By default, if you update with SVN, any user could browse the exact code that is running your blog. This sounds like a bad idea to me. While Wordpress is already open source, I don’t see any need to allow potential users/crackers/hackers/whatnot to browse through the exact code I’m running here. .htaccess to the rescue.

You could configure your web servers config to deny access to any directory with “.svn” in it.

If you are only a user on a webserver with .htaccess, it gets a bit more tricky. You could put a .htaccess in each .svn directory. Easy with a script, but tough to maintain. Or you could use mod_rewrite to make a simple rule that denies access to any pages with /.svn in the path:

RewriteEngine on
RewriteRule ^(.*\.svn.*)$ $1 [forbidden]


  1. Thanks, I’ve been meaning to do this for a long time and your post finally inspired me to make it happen.

    Comment by Plug — 20 Mar 2008 @ 8:12 pm

  2. Отличный сайт,я добавил его уже в закладки!!

    Comment by Body34 — 22 Nov 2008 @ 6:52 am

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress