Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Disable http clone in stash

Sergey P.
Sergey P. February 26, 2014

How we can disable http clone in stash and leave only ssh one?

Also disable "Download current branch"

Answer
Watch
Like Be the first to like this
608 views

2 answers

1 accepted

0 votes
Answer accepted
Sergey P.
Sergey P. June 3, 2014

Used nginx rules to disable it.

Reply
0 votes
Jeff Thomas
Jeff Thomas
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 26, 2014

You currently cannot do this in Stash as far as I'm aware. There is an open issue to disabling HTTP clone in Stash at STASH-2859. Although using HTTP is far more efficiant than SSH.

What are you reasons for wanting to disable HTTP?

If it's a security concern, you could look at setting up Stash to use HTTPS.

Update

Stash 3.11+ has the option to disable HTTP for Git operations.

View More Comments
Sergey P.
Sergey P. February 26, 2014

Security. Attacker could get access to website and add public key to user profile, or just clone from website. The first variant is harder. Second is possible.

Like Laerson Rodrigues Cardoso likes this
Deleted user July 20, 2016

re: what are your reasons?

We want to prevent developers from updating the repository using HTTP with basic auth.  We want to restrict all repository updates to using SSH so that we can avoid putting username and passwords on the wire.

Like Laerson Rodrigues Cardoso likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events