Two things:

两件事情：

1. Do not use IfModule for functionality you need to be present. It's okay to do it for the autoindex because it might not be present and is not crucial to the scheme. But you are counting on rewrite being present to protect your content. Thus, it's better to remove the IfModule directive and let apache tell you when rewrite is not present for you to enable it (or at least know that you won't be 'protected' and consciously comment the lines)

2. No need to use rewrite there if you have access to main configuration files, much easier would be one of

   <DirectoryMatch \.svn>
      Order allow,deny
      Deny from all
   </DirectoryMatch>
   

1. 不要将 IfModule 用于您需要存在的功能。可以为自动索引执行此操作，因为它可能不存在并且对方案并不重要。但是您指望存在重写以保护您的内容。因此，最好删除 IfModule 指令并让 apache 告诉您何时不存在重写以启用它（或者至少知道您不会受到“保护”并有意识地注释这些行）

2. 如果您可以访问主要配置文件，则无需在那里使用重写，其中之一会更容易

   <DirectoryMatch \.svn>
      Order allow,deny
      Deny from all
   </DirectoryMatch>
   

which will generate 403 Forbidden (which is better from HTTP compliance point of view) or, if you want to take the security by obscurity route, use AliasMatch

这将生成 403 Forbidden（从 HTTP 合规性的角度来看更好），或者，如果您想通过默默无闻的路线来确保安全，请使用 AliasMatch

    AliasMatch \.svn /non-existant-page

If you don't have access to main configuration files you're left with hoping mod_rewrite is enabled for usage in .htaccess.

如果您无权访问主配置文件，则只能希望在 .htaccess 中启用 mod_rewrite 以供使用。

In the same situation, I used RedirectMatch, for two reasons. Primarily, it was the only method I could find that was allowed in .htaccesson that server with a fairly restrictive config that I couldn't modify. Also I consider it cleanest, because it allows me to tell Apache that yes, there's a file there, but just pretend it's not when serving, so return 404 (as opposed to 403 which would expose things that website viewers shouldn't be aware of).

在同样的情况下，我使用RedirectMatch, 有两个原因。首先，这是我能找到的唯一方法，该方法允许在.htaccess该服务器上使用我无法修改的相当严格的配置。我也认为它是最干净的，因为它允许我告诉 Apache 是的，那里有一个文件，但只是假装它在服务时没有，所以返回 404（而不是 403，它会暴露网站查看者不应该知道的事情） ）。

I now consider the following as a standard part of my .htaccessfiles:

我现在将以下内容视为.htaccess文件的标准部分：

## Completely hide some files and directories.
RedirectMatch 404 "(?:.*)/(?:[.#].*)$"
RedirectMatch 404 "(?:.*)~$"
RedirectMatch 404 "(?:.*)/(?:CVS|RCS|_darcs)(?:/.*)?$"

This can be achieved server-wide (recommended), on a single virtual-host basis, or even inside .htaccessfiles if your server is somewhat permissive with what is allowed in them. The specific configuration you need is:

这可以在服务器范围内（推荐）在单个虚拟主机的基础上实现，或者.htaccess如果您的服务器对其中允许的内容有些宽容，甚至可以在文件内部实现。你需要的具体配置是：

RewriteEngine On
RewriteRule /\.svn /some-non-existant-404-causing-page

<IfModule autoindex_module>
    IndexIgnore .svn
</IfModule>

The first section requires mod_rewrite. It forces any requests with "/.svn" in them (ie. any request for the directory, or anything inside the directory) to be internallyredirected to a non-existant page on your website. This is completely transparent to the end-user and undetectable. It also forces a 404 error, as if your .svnfolders just disappeared.

第一部分需要mod_rewrite. 它强制任何包含“/.svn”的请求（即对目录的任何请求，或目录中的任何内容）在内部重定向到您网站上不存在的页面。这对最终用户是完全透明的并且无法检测到。它还会强制出现 404 错误，就好像您的.svn文件夹刚刚消失一样。

The second section is purely cosmetic, and will hide the .svnfolders from the autoindex module if it is activated. This is a good idea too, just to keep curious souls from getting any ideas.

第二部分纯粹是装饰性的，.svn如果它被激活，它将隐藏自动索引模块中的文件夹。这也是一个好主意，只是为了防止好奇的灵魂得到任何想法。

I use the following which returns a simple 404 to the user, not revealing that the source control directory actually exists:

我使用以下内容向用户返回一个简单的 404，而不是透露源代码控制目录实际存在：

RedirectMatch 404 /\.(svn|git)(/|$)

重定向匹配 404 /\.(svn|git)(/|$)

There is an interesting approach I use: the checkout (and update) is done on a completely separate directory (possibly on a completely separate machine), and then the code is copied to where the webserver will read it with rsync. An --exclude rule on the rsync command line is used to make it not copy any .svn (and CVS) diretories, while a --delete-excluded makes sure they will be removed even if they were copied before.

我使用了一种有趣的方法：结帐（和更新）在一个完全独立的目录（可能在一个完全独立的机器上）完成，然后将代码复制到网络服务器将使用 rsync 读取的位置。rsync 命令行上的 --exclude 规则用于使其不复制任何 .svn（和 CVS）目录，而 --delete-excluded 确保它们将被删除，即使它们之前被复制。

Since both svn update and rsync do incremental transfers, this is quite fast even for larger sites. It also allows you to have your repository behind a firewall. The only caveat is that you must move all directories with files generated on the server (such as the files/ directory on Drupal) to a place outside the rsync target directory (rsync will overwrite everything when used this way), and the symlink to it must be created in the rsync source directory. The rsync source directory can have other non-versioned files too (like machine-specific configuration files).

由于 svn update 和 rsync 都进行增量传输，因此即使对于较大的站点，这也非常快。它还允许您将存储库置于防火墙之后。唯一需要注意的是，您必须将所有包含在服务器上生成的文件的目录（例如 Drupal 上的 files/ 目录）移动到 rsync 目标目录之外的位置（以这种方式使用时，rsync 将覆盖所有内容），以及指向它的符号链接必须在 rsync 源目录中创建。rsync 源目录也可以包含其他非版本化文件（如特定于机器的配置文件）。

The full set of rsync parameters I use is

我使用的全套 rsync 参数是

rsync -vv --rsh='ssh -l username' -rltzpy --exclude .svn/ --exclude CVS/ --exclude Attic/ --delete-after --delete-excluded --chmod=og-w,Fa-x

Even then, for redundancy, I still have a configuration rule to prevent .svn from being accessed, copied from a Debian default rule which prevents .ht* (.htaccess, .htpasswd) from being accesed.

即便如此，为了冗余，我仍然有一个配置规则来防止 .svn 被访问，从 Debian 默认规则复制，该规则防止 .ht* (.htaccess, .htpasswd) 被访问。

Consider deploying live code using your operating system's package management tools, rather than directly from your VCS. This will let you ensure your live packages don't contain metadata directories, or other potentially sensitive tools and data.

考虑使用操作系统的包管理工具部署实时代码，而不是直接从 VCS 部署。这将让您确保您的实时包不包含元数据目录或其他潜在的敏感工具和数据。

Hiding the directories as Vinko says should work. But it would probably be simpler to use svn exportinstead of svn co. This should not generate the .svn directories.

像 Vinko 所说的那样隐藏目录应该有效。但是使用svn export而不是 svn co可能会更简单。这不应生成 .svn 目录。