Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider alert message in Magento admin

By | Last Updated: June 14, 2015 | In: Magento


It is most common problem of the Magento but it is very dangerous, if there is any alert message is coming in the admin, it means anyone can access the database credentials of your Magento store from the Browser. If there is any message in admin panel just check by the Url http://[Your store url]/app/etc/local.xml, You will see the content of this file which has the database credentials. So anyone can access the database and can hack your website. Here in this post I am trying to describe how to solve the problem so that no one can access the files directly from the Browser.
Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider alert message in Magento admin


Step 1. Suppose you are loggedin in your Magento Store and there is the alert message just like as given below:

Magento Admin Error Message

Step 2. Assuming that you are not using the Shared hosting and you have the access of the SSH with the root permission so that you can edit the server setting files.

Step 3. Assuming that you are using the Apache as webserver, locate the apache2.conf file, you can find it under the /etc/apache2

Step 4. Open the file by using the “sudo nano apache2.conf” and search for the 

<Directory  />
   AllowOverride None
   Allow from None
</Directory>

Step 5. Just replace the above code with the code below:

<Directory  />
   AllowOverride All
   Allow from All
</Directory>

Step 6. Now Restart the Apache sudo /etc/init.d/apache2 restart, Now check the admin panel if there is no any message it means that problem has been resolved. if still there is the message now navigate to the /etc/apache2/sites-enabled and search for the 000-default.conf open it just by the Nano “sudo nano 000-default.conf
search for the 

<Directory  />
   AllowOverride None
   Allow from None
</Directory>

replace the code from the code below:

<Directory  />
   AllowOverride All
   Allow from All
</Directory>

Restart the Apache and check back to the admin panel if there is no any message it means that problem has been resolved.

Step 7. If still there is the error message just connect the FTP and check for the .htaccess file under the app folder with the content
Order deny,allow
Deny from all

Step 8. If there is no any file just create the .htaccess file with the content below and save it under the app folder

Order deny,allow
Deny from all

Step 9. Change the Directory and Files permission can solve the problem Navigate to the app/etc/local.xml and change the file permission 660. Now check if http://[Your store url]/app/etc/local.xml it shows forbidden or any other error message just like as the below image, now check the Magento admin dashboard if that message is gone that means everything is fine.
Error While Accessing the local.xml file

Step 10. If error is still there Navigate to the app/etc/local.xml and change the file permission 600. Now check if http://[Your store url]/app/etc/local.xml it shows forbidden or any other error message now check the Magento admin dashboard if that message is gone that means everything is fine.

Hope it helps and if you need the professional Magento Development we can help you, just Click on the Link and send me your requirements.

Please Like the Post on Facebook or Google+.

Tags:,,,,,


Related Posts