Authentication and Authorization
- Use centralized auth (LDAP/AD) with path-based ACLs.
- Enforce least privilege by repository path.
- Disable anonymous write and restrict anonymous read where needed.
- Serve SVN over HTTPS with modern TLS configuration.
- Protect credentials by disabling insecure plaintext access methods.
- Restrict admin interfaces to management networks.
- Keep hooks and server-side scripts under change control.
- Audit permission changes and repository admin actions.
- Back up repository data and test hotcopy/restore procedures.
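
One way to check the path-based ACL and anonymous-access items above is to audit the Subversion authz file for rules that grant access to unauthenticated users. This is an added example, not code from the original page; the sample authz content, repository name, and group names are constructed for illustration.

```python
import re

# Constructed sample authz file; repository, group and user names are hypothetical.
SAMPLE_AUTHZ = """\
[groups]
devs = alice, bob
release = carol

[/]
* =

[project:/trunk]
@devs = rw
* = r

[project:/tags]
@release = rw
$anonymous = rw
"""

# "*" matches every user, so it covers anonymous users whenever the server
# accepts unauthenticated requests; "$anonymous" matches only unauthenticated users.
ANON_SUBJECTS = {"*", "$anonymous"}

def parse_authz(text):
    """Return {path_section: [(subject, access), ...]}, skipping groups/aliases."""
    rules, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1)
            if section not in ("groups", "aliases"):
                rules.setdefault(section, [])
            continue
        if section in rules and "=" in line:
            subject, access = (p.strip() for p in line.split("=", 1))
            rules[section].append((subject, access))
    return rules

def audit(text):
    """List (finding, path_section) for rules open to unauthenticated users."""
    findings = []
    for section, entries in parse_authz(text).items():
        for subject, access in entries:
            if subject in ANON_SUBJECTS and access:  # empty access means deny
                kind = "anonymous-write" if "w" in access else "anonymous-read"
                findings.append((kind, section))
    return findings
```

Running `audit()` against each change to the authz file, for example from the change-control process for server-side configuration, gives a reviewable record of where anonymous access is still permitted.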