cancel
Showing results for 
Search instead for 
Did you mean: 

Erroneous dev folder not protected

Erroneous dev folder not protected

With last night's Security Scan on our 1.9.4.0 installation, it is suddenly reporting:

"Your Magento installation /dev folder is not protected /dev/tests/functional/etc/config.xml Operation timed out after 30001 milliseconds with 0 out of -1 bytes received "

 

All other daily security scans up to last night did not report this, and I have verified our .htaccess file exists and contains:

Order deny,allow
Deny from all

 

I am assuming this is another bug in the security scan code since it appears their scan was not able to gain access to the /dev/tests/functional/etc/config.xml file. If I am wrong, someone please inform me. Thanks.

 

4 REPLIES 4

Re: Erroneous dev folder not protected

Hello @anchorpad 

 

I am not sure if you are using magereport or default Magento security scan tool

But just to let you know, magereport don't have access to your files, so sometimes they just show in grey colour. They are not sure if it fixed or not.

 

Ensure that a file called /dev/.htaccess exists and contains the following lines:

Was my answer helpful? You can accept it as a solution.
150+ professional extensions for M1 & M2 with free lifetime updates!

Re: Erroneous dev folder not protected

Using the Magento security scan tool, set to daily scan.
.htaccess does exist with:
Order deny,allow
Deny from all

Re: Erroneous dev folder not protected

Re: Erroneous dev folder not protected

@anchorpad If .htaccess is there then it is fine.