There has always been a lot of issues with this check. So it's way simpler now. Just check if it is in the docroot, if so, block the login. Might be that you need to change your config a bit because this doesn't take htaccess-controls into account, but this is much simpler.
The last update to this check told me to secure my install, even though the file is not downloadable, so that was broken too.
There has always been a lot of issues with this check. So it's way simpler now. Just check if it is in the docroot, if so, block the login. Might be that you need to change your config a bit because this doesn't take htaccess-controls into account, but this is much simpler.
The last update to this check told me to secure my install, even though the file is not downloadable, so that was broken too.