HOW-TO move to a secure XAMPP production environment?
Posted:
25. April 2009 19:15by johne1
I have been trying to find information on moving from XAMPP development environment to a secure XAMPP production environment. Surely, what I'm asking has been many times before by many people.
Where can I find the resources that address the topic, "HOW-TO move from a XAMPP development environment to a secure XAMPP production environment?"
I would think that this is one of the most Frequently Asked Questions about XAMPP but I don't see it in the FAQ.
Thanks in advance for your replies!!
JohnE1
Re: HOW-TO move to a secure XAMPP production environment?
Posted:
08. May 2009 00:47by daeghran
BUMP!
I've also looked for the same info. to no avail.
Somebody please help?
Re: HOW-TO move to a secure XAMPP production environment?
Posted:
10. May 2009 04:59by Sharley
Bumpety Bumpety Bump!
An advanced search in the
XAMPP for Windows forum for
security or
secure may come up with some relative results.
It is not recommended to use XAMPP in a production environment secure or not but if you are prepared to take some risks then the paragraph
A matter of security (A MUST READ!) in the xampp\readme_en.txt file may give you a modicum of protection.
A Google search for
hardening a Windows Apache server may alsogive some good results.
Re: HOW-TO move to a secure XAMPP production environment?
Posted:
28. May 2009 00:05by Lotech
I think the XAMPP community may be missing the boat on this issue. XAMPP grew out of the frustration of developers in deploying a simple production box for their projects. Many developers are now reluctantly forced into the Apache admin role by default. Maybe it is time to explore an XAMPP deployment application as an official project.
I know that the Apache admins are out there saying….Well all you have to do is ……jail all your modules….verify your install package has not been tampered with………test your installation with Nitko……. Use mod_rewrite to manipulate some URLs…..blau, blau, blau, yada, yada, yada…
Which proves my point, nothing has gotten any easier to deploy Apache in an active application. A marginal idiot, such as me, can harden a MS IIs box much easier than Apache. It’s rather frustrating to see some of the most intuitive, user friendly, non-techie applications developed around Apache/MySQL & PHP and still the underlying foundation is shrouded in mystery for the non-technical user/developer.
I know a deployment application would never satisfy all admins out there, but an intuitive tool for developers to deploy their application with a reasonable level of security assurance would be nice.