Magento uses .htaccess files in various directories to deny access to the directory trees. You will find them in app, media, var, and wherever else Magento sees fit to stick them. They do various things like deny viewing (app, var), executing (media .htaccess). For these .htaccess files to work, it is really important that the following be set in either the doc root .htaccess or in the virtual server configuration.

Magento 使用各种目录中的 .htaccess 文件来拒绝对目录树的访问。您可以在应用程序、媒体、var 以及 Magento 认为适合粘贴它们的任何其他地方找到它们。他们做各种各样的事情，比如拒绝查看（app、var）、执行（media .htaccess）。为了使这些 .htaccess 文件工作，在文档根目录 .htaccess 或虚拟服务器配置中设置以下内容非常重要。

Options FollowSymLinks
AllowOverride All

More than likely, Magento detects that the app directory .htaccess file isn't being allowed to deny network access to your app/etc/local.xml file, so all your database credentials and encryption key are visible to anyone with a web browser.

更有可能的是，Magento 检测到应用目录 .htaccess 文件不允许拒绝网络访问您的 app/etc/local.xml 文件，因此任何拥有 Web 浏览器的人都可以看到您的所有数据库凭据和加密密钥。

Another issue might be that your file/directory permissions are too lax.

另一个问题可能是您的文件/目录权限太宽松。

For Magento running under FastCGI, SuPHP or LSAPI

适用于在 FastCGI、SuPHP 或 LSAPI 下运行的 Magento

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod 550 pear #for Magento pre 1.5
chmod 550 mage #for Magento 1.5 and up
chmod 550 cron.sh

For Magento running under DSO (mod_php)

对于在 DSO (mod_php) 下运行的 Magento

find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
chmod o+w var var/.htaccess app/etc
chmod 550 pear #for Magento pre 1.5
chmod 550 mage #for Magento 1.5 and up
chmod 550 cron.sh
chmod -R o+w media

For the question below,the app/etc folder is supposed to have the following .htaccess file in place. Trying to read anything through the server should throw a 403 error. Your next step is to get in touch with your web hoster to find out why that file is not being honored.

对于下面的问题，app/etc 文件夹应该有以下 .htaccess 文件。尝试通过服务器读取任何内容都会引发 403 错误。您的下一步是与您的网络托管服务商取得联系，以找出该文件未获批准的原因。

Order deny,allow
Deny from all

Note:If you are using alternative http servers like nginx, you must search down all of the .htaccess files created in Magento's directory tree and recreate all the .htaccess functions used by Magento in your nginx setups so you have the same file/directory protections as a standard Apache DSO install. Same goes for Windows installations on IIS.

注意：如果您使用替代的 http 服务器，例如 nginx，您必须搜索在 Magento 目录树中创建的所有 .htaccess 文件，并在您的 nginx 设置中重新创建 Magento 使用的所有 .htaccess 函数，以便您拥有相同的文件/目录保护作为标准的 Apache DSO 安装。IIS 上的 Windows 安装也是如此。

The app/etc/local.xml file needs to be chmodded to 600 and the error will go away ;)

app/etc/local.xml 文件需要修改为 600，错误就会消失；)

1.Add following in httpd.conf.

1.在httpd.conf中添加以下内容。

    <Directory "/var/www/html/app/etc">
        Options FollowSymLinks
        AllowOverride All
    </Directory>

1. set permission from ftp to local.xml =>600

2. sudo /etc/init.d/httpd restart

3. sudo /etc/init.d/httpd reload

1. 将权限从 ftp 设置为 local.xml =>600

2. sudo /etc/init.d/httpd restart

3. sudo /etc/init.d/httpd reload

Magento checks if /app/etc/local.xmlis accessible (using curl). You can try it yourself in the browser to verify.

Magento 检查是否/app/etc/local.xml可以访问（使用 curl）。您可以在浏览器中自行尝试验证。

To fix this you have make sure this file is not visible anymore. How you do that depends on your webserver. Magento ships with a .htaccessto prevent the access but you might have copied the folders without the hidden files. cpdoes not copy them. Or apache can not access .htaccesscheck file permissions.

要解决此问题，您必须确保该文件不再可见。您如何做到这一点取决于您的网络服务器。Magento 附带一个.htaccess以防止访问，但您可能复制了没有隐藏文件的文件夹。cp不复制它们。或者apache无法访问.htaccess检查文件权限。

I tried all the above and none worked on our web hosting. "AllowOverride All" would not work on our vhosts.conf and as a result, "Deny from all" was being ignored.

我尝试了上述所有方法，但没有一个适用于我们的网络托管。“AllowOverride All”在我们的 vhosts.conf 上不起作用，因此，“Deny from all”被忽略。

Add this code to .htaccess and it works a charm...

将此代码添加到 .htaccess 中，它很有魅力......

##### Block access to local.xml #####
RewriteRule ^(.*)local.xml$ - [F,L]

I solved this problem by following these steps:

我按照以下步骤解决了这个问题：

Confirm that there is an .htaccess file in the app subdirectory of the Magento installation. If the .htaccess file is missing, create a new .htaccess file in the app subdirectory that contains the following directives:

确认 Magento 安装的 app 子目录中有一个 .htaccess 文件。如果 .htaccess 文件丢失，请在包含以下指令的 app 子目录中创建一个新的 .htaccess 文件：

Order deny,allow
Deny from all

Confirm that file permissions are set correctly. Generally, directories should have permissions set to 755 (read, write, and execute permissions for the user, and read and execute permissions for the group and world). Files should have permissions set to 644 (read and write permissions for the user, and read permissions for the group and world).

确认文件权限设置正确。通常，目录的权限应该设置为 755（用户的读取、写入和执行权限，以及组和世界的读取和执行权限）。文件的权限应该设置为 644（用户的读写权限，以及组和世界的读取权限）。

Please change the .htaccess file permission to 644 then refresh the magento admin page.

请将 .htaccess 文件权限更改为 644，然后刷新 magento 管理页面。

@Brijmohan karadia and @Spudley

@Brijmohan karadia 和 @Spudley

Your solution worked. I am using AWS Linux for Magento installation.

您的解决方案有效。我正在使用 AWS Linux 进行 Magento 安装。

1. Go to /etc/httpd/conf/httpd.conf

2. Add following in httpd.conf.

   Options FollowSymLinks AllowOverride All

1. 转到/etc/httpd/conf/httpd.conf

2. 在 httpd.conf 中添加以下内容。

   选项 FollowSymLinks AllowOverride All

3.set permission from SSH/FTP to local.xml =>600 in the file path /app/etc/local.xml

3.在文件路径/app/etc/local.xml中将SSH/FTP权限设置为local.xml =>600

1. sudo service httpd restart

4. 须藤服务 httpd 重启