I successfully implemented SSL on our website and went the LetsEncrypt to get my CA. All is set properly and in working order except one weird issue I am encountering post enabling.
Your web server is configured incorrectly. As a result, configuration files with sensitive information are accessible from the outside. Please contact your hosting provider.
I followed the instructions found via documents, articles, etc to enable SSL, set base URL and Secure URL to "https://", SSL_OFFLOADED and Use Web Url Rewrites to no. All was fine before I switched and I wasn't getting that error above. Now I am. Any ideas? My .htaccess appears to be proper and my permissions on the folders on my server are various 644, 755, etc.
How do I resolve this issue?
EDIT: I am running my site on Ubuntu 14.0.4. LetsEncrypt used for my SSL. Green lock appears for frontend and admin area with no issues. Urls all work but include index.php. I am trying to remove that index.php from the urls for friendlier ones.
Best Answer
To configure Magento to work with your SSL certificate, first you need to login to your admin area and go to System -> Configuration.
Next, click on the Web link under the General tab in your left menu.
Make sure that you've set the Use Secure URLs in Frontend and Use Secure URLs in Admin to yes. Doing this will make your Magento application work with SSL for those parts of your site.
your Magento store is now configured to work over SSL!