Magento: Your web server is configured incorrectly

magento ssh permissions rights

21,478

Solution 1

Specifically check the permissions on app/etc/local.xml as usually this means it is world readable.

Also, there is supposed to be a .htaccess file in app/etc/ that denies the contents from being served out by the web server. Check just in case your tar backup didn't include it. Usually this problem comes about from using an FTP client to do the transfer that has had hidden file visibility turned off.

Solution 2

For Apache 2.4.x you have to add Require all granted So it would look something like this:

<Directory /var/www/magento>
  AllowOverride All
  # New directive needed in Apache 2.4.3: 
  Require all granted
</Directory>

Source: Apache: client denied by server configuration

Solution 3

Im using a Debian 7 with Apache 2.2.22 and Magento 1.9.1, adding

<Directory /var/www/magento/>
            AllowOverride All
</Directory>

in /etc/apache2/sites-available/default

works for me

Solution 4

Similar to John Veldboom's answer I added this to /etc/apache2/apache2.conf since my magento install was in a different directory /var/www/html (eg. the directory path is wherever magento was extracted):

<Directory /var/www/html/>
        AllowOverride All
        Require all granted
</Directory>

With the following apache2 and ubuntu distro:

root@test-VirtualBox:/var/www/html# dpkg -l apache2 && lsb_release -a
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  apache2        2.4.7-1ubunt amd64        Apache HTTP Server
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:   trusty

Solution 5

Thanks Haselnussstrauch, your answer worked for me. My setting was in apache2.conf

sudo nano /etc/apache2/apache2.conf

Change the default AllowOverride None to AllowOverride All

<Directory /var/www/>
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

Then restart Apache:

sudo service apache2 restart

View more solutions

21,478

Author by

user2576151

Updated on June 25, 2020

Comments

user2576151 almost 4 years

From a live magento setup I made a tar.gz, moved that to an domains of another DirectAdmin user, extracted the tar.gz, copied the database, changed the URL of domain in the database. Front-end works good.

Backend gives me the following error:

Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider.”

I already check the folder and file permission. Also tried to change the rights from the user:group settings with SSH access to the same user as the DirectAdmin user name. But that did not work either.

Note that this installation is on the same server as the live environment.

Live: (working) http://imageshack.us/photo/my-images/197/nrhj.png/
Test: (not working) http://imageshack.us/photo/my-images/542/uklz.png/
Joe Fletcher almost 10 years

The missing .htaccess was my issue. I went to a fresh Magento install and took the .htaccess that was located at /app (not /app/etc/). The .htaccess simply contains:Order deny,allow Deny from all
user3338098 over 8 years

end summary: don't block ip addresses with apache (it's horrible), instead I use fail2ban, it's SO much better.