Like others I had the problem of this message not getting fixed by running "core:create-security-files". Turns out, the domain in Apache was not configured to "AllowOverride All" which is needed for .htaccess to work.
A note should be added here that users should check this.
btw: When I tried to post the above text as a feedback on that page, I got blocked by WAF:
Forbidden Request was blocked by WAF. Request ID: 50562432-e4ff-44e5-97a6-9f4891e6376c
Thanks for this @larsen0815 . Very appreciated. I've added this to the FAQ.
Regarding the WAF: Do you remember when you tried to post this? I couldn't find this request ID in the logs so far.
WAF: Right before I created this issue. Tried it twice within ~2 minutes.
Thanks for this, found it now 👍