Knowledge Base

Error message when you access the Magento administration interface: 'Your web server is configured incorrectly'

This article discusses a problem that may occur when you try to access the Magento administration console, as well as how to resolve it.

Problem

When you try to access the Magento administration console, you receive the following error message in your web browser:

Your web server is configured incorrectly. 
As a result, configuration files with sensitive information are accessible from the outside. 
Please contact your hosting provider.

Cause

This problem occurs because file permissions are set too permissively, or because there is a missing .htaccess file in the app subdirectory of the Magento installation.

Resolution

To resolve this problem, follow these steps:

  1. Confirm that there is an .htaccess file in the app subdirectory of the Magento installation. If the .htaccess file is missing, create a new .htaccess file in the app subdirectory that contains the following directives:
    Order deny,allow
    Deny from all
    
  2. Confirm that file permissions are set correctly. Generally, directories should have permissions set to 755 (read, write, and execute permissions for the user, and read and execute permissions for the group and world). Files should have permissions set to 644 (read and write permissions for the user, and read permissions for the group and world).

    You can change the permissions for all of the files and directories in your Magento installation by using the command line. To do this, follow these steps:

    1. Log in to your account using SSH.
    2. At the command prompt, change to the directory where you installed Magento. For example, if Magento is installed in the document root directory, type cd ~/public_html.
    3. Type the following command:
      find . -type f -exec chmod 644 {} \;
      This command modifies the permissions of all files to 644.
    4. Type the following command:

      find . -type d -exec chmod 755 {} \;
      This command modifies the permissions of all directories to 755.