cancel
Showing results for 
Search instead for 
Did you mean: 

Erroneous dev folder not protected

Highlighted

Erroneous dev folder not protected

With last night's Security Scan on our 1.9.4.0 installation, it is suddenly reporting:

"Your Magento installation /dev folder is not protected /dev/tests/functional/etc/config.xml Operation timed out after 30001 milliseconds with 0 out of -1 bytes received "

 

All other daily security scans up to last night did not report this, and I have verified our .htaccess file exists and contains:

Order deny,allow
Deny from all

 

I am assuming this is another bug in the security scan code since it appears their scan was not able to gain access to the /dev/tests/functional/etc/config.xml file. If I am wrong, someone please inform me. Thanks.

 

4 REPLIES 4
Highlighted

Re: Erroneous dev folder not protected

Hello @anchorpad 

 

I am not sure if you are using magereport or default Magento security scan tool

But just to let you know, magereport don't have access to your files, so sometimes they just show in grey colour. They are not sure if it fixed or not.

 

Ensure that a file called /dev/.htaccess exists and contains the following lines:

Found something useful, "Kudos" and "Accept as Solution" for Token of Appreciation.

Magento Tutorials
Highlighted

Re: Erroneous dev folder not protected

Using the Magento security scan tool, set to daily scan.
.htaccess does exist with:
Order deny,allow
Deny from all
Highlighted

Re: Erroneous dev folder not protected

Highlighted

Re: Erroneous dev folder not protected

@anchorpad If .htaccess is there then it is fine.