Hi Ryan, > Anybody know what I missed? I think you need authentication for everything regarding git-receive-pack, even that GET request. I ran into that issue while patching Redmine's mod-perl authentication module to handle smart HTTP [1]. Public projects (which have anonymous pull and authenticated push) would just not work. Git first GETs that URL you mention, and then POSTs to the usual git-receive-pack URL. Both need authentication, but you're only authenticating the POST. I suggest you authenticate every request to the git-receive-pack service. Try something like this (warning, untested!): > <LocationMatch "^/git/.*/[^/]*git-receive-pack$"> If anyone else has a better idea, I'd like to know myself :-). [1]: http://www.redmine.org/issues/4905 Cheers, Antonio -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html