diff --git a/rhodecode/lib/middleware/simplegit.py b/rhodecode/lib/middleware/simplegit.py
--- a/rhodecode/lib/middleware/simplegit.py
+++ b/rhodecode/lib/middleware/simplegit.py
@@ -65,11 +65,11 @@ dulserver.DEFAULT_HANDLERS = {
 }
 
 from dulwich.repo import Repo
-from dulwich.web import HTTPGitApplication
+from dulwich.web import make_wsgi_chain
 
 from paste.httpheaders import REMOTE_USER, AUTH_TYPE
 
-from rhodecode.lib import safe_str
+from rhodecode.lib.utils2 import safe_str
 from rhodecode.lib.base import BaseVCSController
 from rhodecode.lib.auth import get_container_username
 from rhodecode.lib.utils import is_valid_repo
@@ -86,7 +86,9 @@ GIT_PROTO_PAT = re.compile(r'^/(.+)/(inf
 def is_git(environ):
     path_info = environ['PATH_INFO']
     isgit_path = GIT_PROTO_PAT.match(path_info)
-    log.debug('is a git path %s pathinfo : %s' % (isgit_path, path_info))
+    log.debug('pathinfo: %s detected as GIT %s' % (
+        path_info, isgit_path != None)
+    )
     return isgit_path
 
 
@@ -113,6 +115,10 @@ class SimpleGit(BaseVCSController):
         except:
             return HTTPInternalServerError()(environ, start_response)
 
+        # quick check if that dir exists...
+        if is_valid_repo(repo_name, self.basepath) is False:
+            return HTTPNotFound()(environ, start_response)
+
         #======================================================================
         # GET ACTION PULL or PUSH
         #======================================================================
@@ -121,7 +127,6 @@ class SimpleGit(BaseVCSController):
         #======================================================================
         # CHECK ANONYMOUS PERMISSION
         #======================================================================
-
         if action in ['pull', 'push']:
             anonymous_user = self.__get_user('default')
             username = anonymous_user.username
@@ -177,13 +182,9 @@ class SimpleGit(BaseVCSController):
         #===================================================================
         # GIT REQUEST HANDLING
         #===================================================================
-        repo_path = safe_str(os.path.join(self.basepath, repo_name))
+        repo_path = os.path.join(safe_str(self.basepath), safe_str(repo_name))
         log.debug('Repository path is %s' % repo_path)
 
-        # quick check if that dir exists...
-        if is_valid_repo(repo_name, self.basepath) is False:
-            return HTTPNotFound()(environ, start_response)
-
         try:
             #invalidate cache on push
             if action == 'push':
@@ -204,7 +205,7 @@ class SimpleGit(BaseVCSController):
         """
         _d = {'/' + repo_name: Repo(repo_path)}
         backend = dulserver.DictBackend(_d)
-        gitserve = HTTPGitApplication(backend)
+        gitserve = make_wsgi_chain(backend)
 
         return gitserve