Understanding VisualSVN Server network settings

This article describes VisualSVN Server network settings. You can find these settings on the Network tab in the VisualSVN Server Properties dialog.

Server name

The server name should be configured to match the domain name (FQDN) in the URL that is used to access the server. The server name value will be used when generating server certificates and for VisualSVN Server Manager commands such as Open in Web Interface.

Note

To change the URL at which the server is accessible, you need to make the appropriate DNS changes. See the article KB224: Configuring a custom DNS name for VisualSVN Server in Active Directory for more information.

Server port

This setting allows you to configure VisualSVN Server to use a specific TCP port. By default the server uses port 443 for HTTPS and port 80 for HTTP.

If the default ports are occupied by other applications, it is suggested to use the 8443 and 8080 ports instead. Non-standard ports can also be used if required.

Protocol settings

VisualSVN Server has several protocol-related settings. Repositories are accessible to end users through either HTTP or HTTPS protocols. When using HTTPS, you may choose an appropriate TLS/SSL compatibility level and optionally enable the automatic redirection from HTTP to HTTPS.

Use secure connection (HTTPS)

When the Use secure connection (HTTPS) check box is selected, VisualSVN Server is accessible to end users only through the HTTPS protocol. The HTTPS protocol encrypts data using the TLS cryptographic protocol and thus provides security between a client and a server. The HTTP protocol, on the other hand, does not use encryption and sends data over the network in plain text. It is highly recommended that your repositories are only accessible over HTTPS. The check box is selected by default.

TLS/SSL compatibility level

TLS/SSL compatibility levels enable certain versions of TLS cryptographic protocol and certain cipher suites. There are three TLS/SSL compatibility levels available. The default Intermediate level is reasonably secure and compatible with a wide range of clients. To learn more about this setting see the KB195: Understanding TLS/SSL compatibility levels in VisualSVN Server article.

Automatically redirect HTTP to HTTPS (listen on port 80)

When the Automatically redirect HTTP to HTTPS (listen on port 80) check box is selected, all attempts to access the server via HTTP will be automatically redirected to HTTPS.

When the redirection is enabled, VisualSVN Server occupies both port 80 and the port specified in the Server port field.

Tip

To redirect HTTP traffic from a non-default port (other than port 80), follow the instructions given in the KB144: Configuring redirection from HTTP to HTTPS article.

Enable HTTP Strict Transport Security (HSTS)

Available since VisualSVN Server 5.1.

The security option Enable HTTP Strict Transport Security (HSTS) enforces the use of the secure HTTPS protocol when accessing the server. When the policy is enabled on a server, all HSTS-capable clients will contact the server only through a secure connection (HTTPS). Thus, this policy helps to protect against man-in-the-middle attacks and does not allow users to ignore certificate warnings.

Read the article KB207: HTTP Strict Transport Security (HSTS) support in VisualSVN Server for more information.

Repositories URL

This setting allows you to customize the URL prefix that will be used to access repositories. Click the Customize button to see the available options.

With the default 'svn' prefix, a repository URL in VisualSVN Server will look similar to https://server.example.com/svn/MyRepo. Change it for a custom or an empty prefix if it works better for you.

Tip

When migrating to VisualSVN Server from a different Subversion server, consider using a custom URL prefix that mirrors the value from the previous server — to make migration transparent for the users.

Server Binding

Server computers can have multiple IP interfaces. Each IP interface has a unique IP address which may be used by server applications and services. VisualSVN Server binds to all available IP addresses by default. You can bind VisualSVN Server to a specific network address if required.

All IP addresses

This option is enabled by default and binds VisualSVN Server to all IP addresses that are available on a server computer.

These IP addresses

Use this option to bind VisualSVN Server to one or several specific IP addresses. To add an IP address click the Add button and type in the address. Use a drop-down list to select from all IP addresses available on this server computer.