I've noticed that while Revo comes with an ht.access file in the /core/ directory with directives to deny all .php files in the core directory, there's no way to deal with this in the Cloud. It's an easy addition to the nginx configuration, but that's not accessible. Can this be done at all in the Cloud?
{edit} Well, that's weird... I just checked this about an hour ago and the config.inc.php file was accessible. Now, checking it again, I'm getting a 403 forbidden error, which is what I had in mind. Hm.
[ed. note: sottwell last edited this post 10 years, 9 months ago.]