What does the message mean?
The message means that your app/etc/config.php file is publicly accessible by any visitor.
It is very wrong because a visitor an access a sensitive information of your site.
Why is the app/etc/config.php publicly accessible?
This is because of a wrong configuration of your web server.
If you are using the Apache web server
Magento 2 forbids a public acess to the app/etc/config.php file by the app/.htaccess file:
In case of the «Your web server is set up incorrectly» message the app/.htaccess file could be missed or disregarded by Apache.
If you are using Nginx web server
A sample Magento 2 configuration for Nginx forbids a public access to the app/.htaccess by the following rule: