I have implemented a private git server over http using the git documentation and added a few users.
The problem is that it allows me to clone or pull without authentication it only asks for user and pass when I make a push.
CodePudding user response:
Is it possible that you already have a connection to the git server on the computer where you are doing git clone
, maybe through previous changes in other repositories? Then your git credentials are probably stored on the computer, so that you don't have to enter your username and password every time.
This doesn't mean that your private repo is unprotected, the computer supports you and makes using git user-friendly.
If you don‘t want, that the git credentials get saved, and you want every time to write username and password, I recommend you to look at the answers to this question
CodePudding user response:
The documentation link only restricts pushes because it looks for git-receive-pack
, which is the push code. git-upload-pack
is the clone and fetch code (the names refer to the server's activity).
If you want to restrict all access, remove the line which looks like this:
Require expr !(%{QUERY_STRING} -strmatch '*service=git-receive-pack*' || %{REQUEST_URI} =~ m#/git-receive-pack$#)