It should already require authentication to push (via git or SVN). Although perhaps you're hoping to stop read only access without logging in?

If so, the steps you've outlined should work (or at least be really close...), although perhaps it's worth trying to do that within the directory block of the main config file? (i.e. /etc/apache2/sites-available/revisioncontrol.conf)? TBH, I'm not 100% sure that it will work for those serivces as they aren't actually within the doc root, but might be worth a shot? Also, I'll provide some example config below.

The other thing is that Apache needs to be restarted before config changes are applied. That should be as simple as:

service apache2 restart

If you wish to use .htaccess files, you need to tell Apache to read them. Do that by adding the "AllowOverride All" directive. Again you'll want to restart Apache to apply the config change.

Also, I just noticed that the current config in the directory block, is actually deprecated (although currently still works in it's basic form). There is a note in the Apache docs, that mixing old and newer directives can sometimes cause unexpected results, so you may also want to adjust that too:

Current directory block:

<Directory /var/www>
    Order deny,allow
    Allow from all
</Directory>

To keep it as is, change that to:

<Directory /var/www>
    Require all granted
</Directory>

To also read .htaccess files:

<Directory /var/www>
    Require all granted
    AllowOverride All
</Directory>

To include auth (and read .htaccess):

<Directory /var/www>
    AuthType Basic
    AuthBasicProvider file
    AuthUserFile /etc/apache2/.htpasswd
    AuthName secure
    Require valid-user
    AllowOverride All
</Directory>

Hopefully that works?! Please let me know how you go and if you continue to have struggles, I'll boot an instance up and have a look myself...