One task you need to be sure to do when implementing git on a website is to make sure the .git directory isn’t available to the Internet.
This can be done by placing an .htaccess file in the .git directory itself, but a better cleaner way is to place the following line in your main .htaccess file.
RedirectMatch 403 /.git.*$
::
Source link
