We provide a .htaccess file in the config active directory, but not the staging directory
Dynamically add: .htaccess to config staging
Much like .htaccess is added to config active now.
Actually code it.
User interface changes
Original report by hass
// Text of original report here.
(for legacy issues whose initial post was not the issue summary)
As an outcome of
web.config is not protecting the folders
We may also need to review the match filters of
.htaccess in the root folder of Drupal if we need to do something there or not.