Here is solution to the issue, which comes in magento admin dashboard.
"Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider."
Issue Explanation :-
The issue relates with easy access to configuration file by web, i.e.,
http://sitename/
And this should be made unreadable by web.
Solution :-
Depending on server apache settings any of the following solution may work.
1. Try changing permissions of app/etc/local.xml to 660. Then check if http://sitename/app/etc/local.xml shows forbidden(or access denied or any error) & then test magento admin dashboard if that error is gone.
2. In case 1 fails, then
Try changing permissions of app/etc/local.xml to 600. Then check if http://sitename/app/etc/local.xml shows forbidden & then test magento admin dashboard if that error is gone.
3. In case, 1 & 2 both fails then lets discuss it further with me, as there might any other security loophole that too has to be fixed.
