Magento has several configuration files – one of the most important
local.xml, which contains all of your configuration details. Your database connection, caching connection details, where to store sessions – this is all contained within this file.
If you’ve been running an online store for a while now, you might have noticed something like the following in your error_log
[Tue Jul 07 12:56:32 2015] [error] [client xxx.xxx.xxx.xxx] client denied by server configuration: /var/www/vhosts/xxxxx/httpdocs/app/etc/local.xml
If you look further, you’ll notice that it happens when you try to visit
app/etc/local.xml from your browser, or, usually, every time you visit an admin page.
Why is this happening?
Magento contains a security feature to ensure that you have correctly locked down access to your
Tracking it down
app/etc/local.xml is a file that must exist in a set location, it is fairly easy to track this down to
_isFileAccessible() is called, with reference to
private $_filePath = 'app/etc/local.xml';
If you’d like to turn off notifications, take a look at https://www.yireo.com/tutorials/magento/magento-administration/1322-client-denied-by-server-configuration-appetclocalxml. They have a great solution. Simply make an adminhtml local.xml file
app/design/adminhtml/default/default/layout/local.xml and update the layout to remove the notifications blocks.
Image Credit: Sunflower Dreams