Create a .htaccessfile in the .gitfolder and put the following in this file:

.htaccess在.git文件夹中创建一个文件并将以下内容放入该文件中：

Order allow,deny
Deny from all

But note, that it would be lost if you ever re-cloned the repository

但请注意，如果您重新克隆存储库，它将丢失

Put this in an .htaccessfile at the rootof your web server:

将其放在Web 服务器根目录下的.htaccess文件中：

RedirectMatch 404 /\.git

This solution is robustand secure: it

此解决方案稳健且安全：它

• works for all .gitdirectories in your site, even if there are more than one,
• also hides other Git files like .gitignoreand .gitmodules
• works even for newly-added .gitdirectories, and
• doesn't even give away the fact that the directories exist.

• 适用.git于您站点中的所有目录，即使有多个目录，
• 还隐藏其他 Git 文件，例如.gitignore和.gitmodules
• 甚至适用于新添加的.git目录，并且
• 甚至没有泄露目录存在的事实。

Both .htaccessand permissions on the .git/folder would work. I recommend the former:

文件夹.htaccess上的 和 权限都.git/可以使用。我推荐前者：

<Directory .git>
    order allow,deny
    deny from all
</Directory>

I didn't want to muck around in the .gitdirectory and wasn't able to get Bennett's solutionto work on Apache 2.2, but adding the following to my <VirtualHost>configuration worked:

我不想在.git目录中乱搞，也无法让Bennett 的解决方案在 Apache 2.2 上工作，但是将以下内容添加到我的<VirtualHost>配置中是可行的：

RewriteRule ^.*\.git.* - [R=404]

I'm not comfortable with controlling access to my .git folders individually and choose to do it via apache config instead of .htaccess, to prevent me overwriting them, or forgetting on a new install etc.

我不习惯单独控制对我的 .git 文件夹的访问，并选择通过 apache 配置而不是 .htaccess 来完成，以防止我覆盖它们，或忘记新安装等。

Here are some detailed instructions hope they help. I'm using Ubuntu 16.10.

下面是一些详细的说明，希望对您有所帮助。我正在使用 Ubuntu 16.10。

1. First check what happens if you navigate to the .git folder in a browser. In my case I was presented with a directory listing. If you are seeing what you shouldn't be seeing (ie. you're not getting a 404), do the following.
2. Use apache2ctl -V to get the HTTPD_ROOT and SERVER_CONFIG_FILE
3. Use this to edit your apache config, in my case $ sudo nano /etc/apache2/apache2.conf
4. Add the following somewhere in the config file: RedirectMatch 404 /.git
5. Restart apache: $ sudo service apache2 restart
6. Should now get you a 404 if you navigate to the folder again
7. I tried this with .gitignore and also got a 404

1. 首先检查如果您在浏览器中导航到 .git 文件夹会发生什么。就我而言，我看到了一个目录列表。如果您看到了不该看到的内容（即您没有收到 404），请执行以下操作。
2. 使用 apache2ctl -V 获取 HTTPD_ROOT 和 SERVER_CONFIG_FILE
3. 使用它来编辑你的 apache 配置，在我的例子中是 $ sudo nano /etc/apache2/apache2.conf
4. 在配置文件的某处添加以下内容：RedirectMatch 404 /.git
5. 重启apache：$ sudo service apache2 restart
6. 如果您再次导航到该文件夹​​，现在应该为您提供 404
7. 我用 .gitignore 尝试了这个，也得到了 404

A more robust and simple option would be disabling the READ and Execution permission of the .gitdirectory.

一个更健壮和简单的选项是禁用目录的 READ 和 Execution 权限.git。

Since mostly Apache (httpd) runs under a special user account, for example, it runs as user apacheon CentOS, while the .gitdirectory must be created under a real user account, so we can simply block the access by changing the permission. Moreover, this approach doesn't introduce any new file, nor affect the git commands.

由于Apache（httpd）大多运行在一个特殊的用户帐户下，例如它apache在CentOS上以用户身份运行，而.git目录必须在真实用户帐户下创建，因此我们可以简单地通过更改权限来阻止访问。此外，这种方法不会引入任何新文件，也不会影响 git 命令。

The command can be:

命令可以是：

chmod -R o-rx .git

mod_rewrite will give you the desired affect:

mod_rewrite 会给你想要的效果：

RewriteEngine on
RewriteRule .*\.git/.* - [F]

Instead of messing with .htaccessrules like most answers suggest, why not simply put the .git/directory above the webroot?

与其.htaccess像大多数答案所建议的那样弄乱规则，为什么不简单地将.git/目录放在 webroot 之上？

In my setups, my .gitdirectory usually lives in something like:

在我的设置中，我的.git目录通常位于以下位置：

/home/web/project_name/.git/

/home/web/project_name/.git/

My actual code lives in

我的实际代码位于

/home/web/project_name/www_root/

/home/web/project_name/www_root/

since my web root (as defined on Apache or Nginx.. I prefer the latter) is /home/web/project_name/www_root/there's no way the .gitdirectory can be accessible from the web since it lives "higher" than the webroot

因为我的网络根目录（在 Apache 或 Nginx 上定义。我更喜欢后者）是/home/web/project_name/www_root/无法.git从网络访问该目录的，因为它比 webroot “更高”