I just updated to WordPress 3.6.1 and WP Security 4.0.1 and have noticed that the scanner (WP Security > Scanner) cannot find my wp-config.php file. I see it in the root directory of the WordPress install (example.com/blog/), and checked permissions (Owner: FTP User, Group: www-data, Permissions: 644); but WP Security Scanner still cannot find it.
Am I missing something? It should find it but apparently it cannot. Does anyone have any idea how to fix this?