Here is solution to the issue, which comes in magento admin dashboard.
"Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider."
Issue Explanation :-
The issue relates with easy access to configuration file by web, i.e.,
http://sitename/
And this should be made unreadable by web.
Solution :-
Depending on server apache settings any of the following solution may work.
1. Try changing permissions of app/etc/local.xml to 660. Then check if http://sitename/app/etc/local.xml shows forbidden(or access denied or any error) & then test magento admin dashboard if that error is gone.
2. In case 1 fails, then
Try changing permissions of app/etc/local.xml to 600. Then check if http://sitename/app/etc/local.xml shows forbidden & then test magento admin dashboard if that error is gone.
3. In case, 1 & 2 both fails then lets discuss it further with me, as there might any other security loophole that too has to be fixed.
Useful and informative post here and i get it clear information about this topic here. hosting services
ReplyDeleteperfect solution...no 1 worked for me.
ReplyDeleteThanxxxxxxxx.
thanks... no 2 for me
ReplyDeleteWhen I changed the file permissions and tried to access the site it took me to the installation page and not the site, do you know why this would be?
ReplyDeleteFrnd, i think you have changed the permission such that the local.xml is also not available for read. Read permission must always be given to that file.
DeleteIf read is not allowed it will take you to installation page.
Hope, you find the answer to your question.
If still you couldnot find the answer please mail me or put here your email id so that i can personally solve your problem,
you say "http://sitename/app/etc/local.xml
ReplyDeleteAnd this should be made unreadable by web"
but it does need to be readable by web. Do you mean not writeable?
Hi,
DeleteBy readable i mean here if you type "http://sitename/app/etc/local.xml" in your web browser it shouldnot open up the file in browser. So it should rather be not accessible to the browser or the outer world.
Thanks for the precious comment of yours.
Thanks
Hi,
ReplyDeleteI have tried out both of your above suggestion but not found any change i am still getting that error at backend and also being able to read file by browser.I am using Magento 1.6.2.0 and Ubuntu as my operating system...Need Your Valuable Feedback.
Thanks In Advance..
Hi,
DeleteHave you tried by changing the file(local.xml) permission to read/write.
Donot allow access permission.
Thanks
ya i have change the local.xml permission to read only but don't found any change
DeleteCan you please provide me link of your website.
Deletei m working on local server
Deleteis it get solved as i upload my file on server
ReplyDeleteThanx a lot! perfect solution.
ReplyDeletehi
ReplyDeletethanks a lot for your post.
but now i am in trouble.
after changing permissions of app/etc/local.xml to 660, it took me to installation Wizard.
then i changed it to 600 then also result is same.
so i changed it to again as previous 664 then i got this error "There has been an error processing your request".
what should i do.
its live site
my email: anusuiyadixit@gmail.com
with regards
Anusuiya
skype: anusuiya.raddyx
i have done all those steps, but its still not working.
ReplyDeletemay i have your email id to contact
Nice post, Superb information, Thanks for sharing with us. iPage review
ReplyDeleteI am getting the same issue. I did the magento-check.php, and it says all is good.
ReplyDeleteI changed the permission on the local.xml file to 660, but the file is still readable from the outside.
I changed the permission on the local.xml file to 600, but the file is still readable from the outside. Interestingly, the magento error warning goes away when I do this, despite the fact that I can still read the local.xml file from outside.
Oops, please ignore previous message. Changing permission to 660 fixed it.
ReplyDeletegreat information sharing...
ReplyDeletehttp://software-development-toolbox.blogspot.in/2009/05/systemwebhostinghostingenvironmentexcep.html
Much obliged for sharing such a valuable data.
ReplyDeleteWeb Hosting India
Good Post. Valuable Information. TO check web hosting visit fozzy web hosting India.
ReplyDeleteHey just wanted to give you a quick heads up. The text in your article seem to be running off the screen in Firefox. I'm not sure if this is a format issue or something to do with browser compatibility but I figured I'd post to let you know. The design look great though! Hope you get the problem solved soon. Many thanks criar loja virtual
ReplyDeleteGood Information shared with about PHP Magneto Information. These terms I don't know that much. Thank You. I also wrote article about google web hosting services you can check here.
ReplyDeleteI hope you don’t mind if i bookmark your site, so that i can easily find it again in the future. Cheers
ReplyDeleteWireless Earphones with Bluetooth
hi, Great.. Tutorial is just awesome..It is really helpful for a newbie like me.. I am a regular follower of your blog. Really very informative post you shared here.
ReplyDeleteKindly keep blogging. If anyone wants to become a Front end developer learn from javascript and jquery training in chennai .
or learn thru Javascript Training in Chennai.
Nowadays JavaScript has tons of job opportunities on various vertical industry. javascript and jquery training in chennai
It is my first time I visit here. I discovered such innumerable stuff in your blog, particularly its discussion. From the enormous measures of remarks on your articles, I figure I am by all record by all record by all account not the only one having all the happiness here! Keep up the impressive work.
ReplyDeleteZenyataa shoes
Well researched article and I appreciate this. The blog is subscribed and will see new topics soon.
ReplyDeletepython Training in Pune
python Training in Chennai
python Training in Bangalore
cheap dedicated server host your DMCA ignore projects with peace of mind. We do offer 2 different locations like Russia, Netherlands. Streaming servers are also available for Sporta streaming. You can order custom configuration for your dedicated servers.
ReplyDeleteOur data centers are connected with 10+ Gbps of the Channel, which provides low latency as well as cheap prices.
Each offshore hosting comes with 1 Gigabit shared port to ensure high speed internet on your server, this makes it ideal to run successful business.
ReplyDeleteadult web hosting servers are also available where you are free to ask for any type of help regarding server related issues, our expert team will be there to help you through the process.
Thank you for taking the time to provide us with your valuable information. We strive to provide our candidates with excellent care and we take your comments to heart.As always, we appreciate your confidence and trust in us
ReplyDeletedevops training in chennai | devops training in anna nagar | devops training in omr | devops training in porur | devops training in tambaram | devops training in velachery
Extremely helpful! I was facing the exact same issue with my Magento installation, and this blog post provided clear and concise solutions. Thanks to the author for sharing their expertise
ReplyDeletelocation tracker
As a newcomer to Magento, I found this tutorial invaluable. The step-by-step instructions made it easy for me to understand and implement the solution. Highly recommend it to anyone encountering similar problems.
ReplyDelete24k gold for house warming gift
This blog saved me hours of frustration! The issue was plaguing my Magento admin dashboard, but the straightforward solutions provided here resolved it quickly. Kudos to the author for sharing their knowledge
ReplyDeletebharat rope quality furnishing
I stumbled upon this post while searching for a solution to the 'Your web server is configured incorrectly' error in Magento. The explanations were easy to follow, and I appreciate the author's prompt response to potential security loopholes. Thank you
ReplyDeletebathroom tiles gurgaon
A lifesaver for Magento users! The author's experience shines through in this post, offering practical solutions to a common problem. I implemented the suggested changes, and my Magento site is now secure. Highly recommended
ReplyDeleteaccessories for the home
Simple yet effective! I'm not very tech-savvy, but the instructions provided here were straightforward and easy to implement. I no longer see the error message in my Magento admin dashboard. Thank you for sharing your expertise
ReplyDeleterotavator parts manufacturers in punjab
I've been struggling with this Magento issue for days until I stumbled upon this blog post. The solutions provided here worked like a charm! I appreciate the author's willingness to help and their clear explanations. Two thumbs up
ReplyDeleteanalog watches for men
If you're facing the 'Your web server is configured incorrectly' error in Magento, look no further! This blog post offers practical solutions that actually work. The author's expertise in Magento shines through, and I'm grateful for their assistance.
ReplyDeleteecommerce marketing agency