Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

security issue
 
jazcool
Jr. Member
 
Total Posts:  4
Joined:  2013-10-16
 

I am using magento ver. 1.7.02. Recently I hired a freelance programmer to do some work on my website. After that, I got a pop-up message:

“Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider.”

I called my hosting provider for help, they could not tell what to do to fix the security problem. Can any body tell me what I can do to fix this problem, what files to look at?

Also, how I can detect any security breach purposely caused by an outside freelance programmer?

 
Magento Community Magento Community
Magento Community
Magento Community
 
Rich Cleverley
Sr. Member
 
Avatar
Total Posts:  285
Joined:  2009-01-20
 

That message is related to insecure file permissions.  Have a look at http://www.magentocommerce.com/wiki/groups/227/resetting_file_permissions and http://www.magentocommerce.com/wiki/1_-_installation_and_configuration/magento_filesystem_permissions for more details.

 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top