Security / Access problems after moving the installation

Hi there,
I had to move my owncloud-installation from an old Debian 7 - Server to a new Debian 9 - Server with Apache 2.4, MySQL and Redis enabled.

When the owncloud-client tries to connect to the new server I get an error-Message in the apache error log like:
"authz_core:error] [pid 4878:tid 140394394269440] [client] AH01630: client denied by server configuration" with the path /.../owncloud/config

So why does the client try to get access to the config-directory?

Of course in the config-folder there is a .htaccess-file with the directive "Require all denied".

If I change this directive (for testing purposes only) to "Require all granted" the error-message does not appear and everything works fine.
But this is a security-desaster, right?

So how can I handle the error-message?

I found this discussion related to that topic:
But i couldnt find any settings like

Order Deny,Allow
Deny from all

in my apache configuration.

Can you help me please?

Hi, have you created this conf file?