Magento Forum

   
Page 1 of 2
Error: “Your web server is configured incorrectly.”
 
00Dante
Jr. Member
 
Total Posts:  5
Joined:  2011-01-09
 

Well, this my first time installing Magento.
Using Magento ver. 1.4.2.0
I made it through, and everything seems to of worked fine - except I get this error:

“Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider.”

Here is a screen shot: http://qkpic.com/3917d

The error doesn’t seem to prevent anything from working properly - it’s just a little scary sounding.
What should I do?

I installed via the full version and not the autodownloader thing.
Also, I didn’t install in the root directory, I installed in a directory called /store

Image Attachments
screen-capture-25.png
 
Magento Community Magento Community
Magento Community
Magento Community
 
00Dante
Jr. Member
 
Total Posts:  5
Joined:  2011-01-09
 

Looks like it comes from this file:
http://svn.magentocommerce.com/source/branches/1.4-trunk/app/design/adminhtml/default/default/template/notification/security.phtml

So what triggers this?!

 
Magento Community Magento Community
Magento Community
Magento Community
 
Justin
Jr. Member
 
Avatar
Total Posts:  3
Joined:  2010-12-20
Minneapolis
 

I think you get problem in security setting. So, check it back and re- configure it to be sure that meet all requirements.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Insolo
Jr. Member
 
Avatar
Total Posts:  11
Joined:  2010-04-26
 
dwspro - 09 January 2011 06:03 PM

I think you get problem in security setting. So, check it back and re- configure it to be sure that meet all requirements.

Genious answer.

 
Magento Community Magento Community
Magento Community
Magento Community
 
jalker
Jr. Member
 
Total Posts:  15
Joined:  2011-01-12
 

I am having the same error message… and installed it the same way. Did you find a fix for it?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Mageex
Jr. Member
 
Avatar
Total Posts:  9
Joined:  2010-09-08
 

Where dis you install? I mean how is your server environment?

 
Magento Community Magento Community
Magento Community
Magento Community
 
agenti
Jr. Member
 
Avatar
Total Posts:  4
Joined:  2009-12-27
 

Magento is using .htaccess files to protect certiain files and directories. (ex. /app and everything underneath it)

If you’re running Apache, check in your (virtual)server configuration, if overriding from .htaccess files is allowed.

Setting AllowOverride to All should make the warning disappear.
--- config snippet ---
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
--- end ---

 
Magento Community Magento Community
Magento Community
Magento Community
 
awsom
Jr. Member
 
Total Posts:  3
Joined:  2011-01-11
 

I have the same problem. When im going to install (webbased) on my apache2 server. I use the following commands:

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 777 {} \;

Than after installation, I get the message that it isnot secure etc.etc. WHAT chmod do i have to use after the installation??
I can access http://192.168.1.3/magento/app/etc/local.xml with my browser… I cant find a simple answer to use what chmods etc for what directory…

Mmm. I changed the following in /etc/apache2/sites-enabled/000-default

Documentroot /var/www
<Directory />
      
Options FollowSymLinks
       AllowOverride [b]All[
/b]
</Directory>
<
Directory /var/www/>
            
Options Indexes FollowSymLinks MultiViews
            AllowOverride [b]All[
/b]
            Order allow
,deny
             allow from all
</directory>

Do I have to set both AllowOverride from None to All or just one? Thanks.

 
Magento Community Magento Community
Magento Community
Magento Community
 
webrup
Jr. Member
 
Total Posts:  7
Joined:  2010-10-27
 

Make sure in your Apache config for this directory is set to:
AllowOverride All

And I noticed that I forgot to add the symlink to the “sites-enabled” directory for apache,
to make sure the config is used.

After that, my error went away.

Good luck.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Seth Rogers
Jr. Member
 
Total Posts:  2
Joined:  2009-08-01
 

Hi there. I’m new in magento. I strart with 1.4.2 and i got problem. It shows me this same error.
SORRY FOR MY ENGLISH. i had hope you will understand me
Help Me !!!!
I dont have acces to my server conf so i cant change anything in there. the only thing i can change is .htaccess file.
Can enyone help me do this.
I put here what i got i my .htaccess. if this will work and anyone can change this for me in this file. Will be great and you save my life.

############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi

#    Action php5-cgi /cgi-bin/php5-cgi
#    AddHandler php5-cgi .php

############################################
## GoDaddy specific options

#   Options -MultiViews

## you might also need to add this line to php.ini
##     cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini

############################################
## this line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

############################################
## default index file

    DirectoryIndex index.php

<IfModule mod_php5.c>

############################################
## adjust memory limit

#    php_value memory_limit 64M
    
php_value memory_limit 128M
    php_value max_execution_time 18000

############################################
## disable magic quotes for php request vars

    
php_flag magic_quotes_gpc off

############################################
## disable automatic session start
## before autoload was initialized

    
php_flag session.auto_start off

############################################
## enable resulting html compression

    
php_flag zlib.output_compression on

###########################################
# disable user agent verification to not break multiple image upload

    
php_flag suhosin.session.cryptua off

###########################################
# turn off compatibility with PHP4 when dealing with objects

    
php_flag zend.ze1_compatibility_mode Off

</IfModule>

<
IfModule mod_security.c>
###########################################
# disable POST processing to not break multiple image upload

    
SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<
IfModule mod_deflate.c>

############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter on all content
    ###SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript

    # Netscape 4.x has some problems...
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

    # Don't compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don't deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

</IfModule>

<
IfModule mod_ssl.c>

############################################
## make HTTPS env vars available for CGI mode

    
SSLOptions StdEnvVars

</IfModule>

<
IfModule mod_rewrite.c>

############################################
## enable rewrites

    
Options +FollowSymLinks
    RewriteEngine on

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## workaround for HTTP authorization
## in CGI environment

    
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## always send 404 on missing files in these folders

    
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/

############################################
## never rewrite for existing files, directories and links

    
RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond 
%{REQUEST_FILENAME} !-d
    RewriteCond 
%{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    
RewriteRule .* index.php [L]

</IfModule>


############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead

    
AddDefaultCharset Off
    
#AddDefaultCharset UTF-8

<IfModule mod_expires.c>

############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires

    
ExpiresDefault "access plus 1 year"

</IfModule>

############################################
## By default allow all access

    
Order allow,deny
    Allow from all

############################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

agenti - 14 January 2011 03:53 AM

Magento is using .htaccess files to protect certiain files and directories. (ex. /app and everything underneath it)

If you’re running Apache, check in your (virtual)server configuration, if overriding from .htaccess files is allowed.

Setting AllowOverride to All should make the warning disappear.
--- config snippet ---
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
--- end ---

 
Magento Community Magento Community
Magento Community
Magento Community
 
loopion
Jr. Member
 
Total Posts:  24
Joined:  2010-02-11
New York
 

Here is what save my life on this subject:

<Directory /var/www/>
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>

 
Magento Community Magento Community
Magento Community
Magento Community
 
g0ldstein
Member
 
Total Posts:  36
Joined:  2009-02-15
 

What I get after adding this to the root htaccess of Magento is a “Not found” page.

Solution anyone?

 
Magento Community Magento Community
Magento Community
Magento Community
 
SimpleHelixcom
Enthusiast
 
Avatar
Total Posts:  906
Joined:  2007-08-31
Huntsville, AL
 

Hello,

This usually happens if app/etc/local.xml is set to 777 or is readable in the browser. I would recommend setting its permissions to 640 or 644, and making sure that your .htaccess files are intact.

 
Magento Community Magento Community
Magento Community
Magento Community
 
g0ldstein
Member
 
Total Posts:  36
Joined:  2009-02-15
 

thanks, but i verified this details and all is ok on that side ... I keep having the message :(

 
Magento Community Magento Community
Magento Community
Magento Community
 
SimpleHelixcom
Enthusiast
 
Avatar
Total Posts:  906
Joined:  2007-08-31
Huntsville, AL
 

Hello,

I’m curious - have you tried 1.5.1.0? I would say another version might not exhibit the same behavior; perhaps it’s worth a try.

 
Magento Community Magento Community
Magento Community
Magento Community
 
angelicakm
Jr. Member
 
Total Posts:  27
Joined:  2011-03-29
 

Hi, I am struggling with this issue as well.

I am running Magento version 1.5.1.0, so that’s not a version problem.

I am not sure if this message is due to wrong file permission settings, if it’s due to apache2.conf configuration, or sites-enabled/default configuration, or .httpd file configuration.

By the way, I’ve tried multiple changes to all of them, and nothing worked.

I’m not experient at all with apache server configuration, do anyone have a clue how this can be fixed??

I’ve set on apache2.conf “AllowOverride All” for .httpd.
My httpd.conf file is empty.
On sites-enabled/default file, everything is set, in this moment, to “AllowOverride None” ( I’ve tried MULTIPLE configurations, now I left it as it is, until someone can put a light on this subject...)

My permissions for app/etc, media and var are set to 777. The rest of the files and directories are set to 755.
I didn’t find anywhere a tutorial explaining which are the right permissions, when I set them to 6xx, 655 etc, Magento stops working.

Thanks!

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
    Back to top
Page 1 of 2