You could have worded it a little differently: if a folder is not accessible in the root directory of the web server, there is no need to modify the web server config to deny access to .git.
These type of snarky responses discourage newcomers to participate in discussions. I have seen this happen to many people, so please dial back the snark.
Isn't this a non issue (don't need to change any config to block .git) with a properly configured firewall and nginx proxy passing to localhost when the code does not live in a publicly visible location? Eg- https://www.digitalocean.com/community/tutorials/how-to-set-...
So, the way I deploy code is to SSH into my server, clone my repo from GitHub, setup the db and start the relevant systemd services. If I need to install updates it's a simple git pull and restart the services. I can use something like ansible for configuration management to reduce the manual SSH part.
For someone like me, what benefit do these PaaS offerings provide?
These type of snarky responses discourage newcomers to participate in discussions. I have seen this happen to many people, so please dial back the snark.