Apache Friends Support Forum


https://community.apachefriends.org/f/

Security on XAMPP version: 1.7.2

https://community.apachefriends.org/f/viewtopic.php?f=16&t=43112

Page 1 of 1

Security on XAMPP version: 1.7.2

PostPosted: 16. December 2010 06:57
by xfsgpr
Does this picture shows that my apache configuration is secure from people using it as a proxy server?

http://picasaweb.google.com/xfsgpr/Xampp#slideshow/5551153574193391426

Thanks.

Re: Security on XAMPP version: 1.7.2

PostPosted: 16. December 2010 20:03
by WilliL
this picture shows that minimum secure is done. It doesn't secure your php scripts.
it's suggested NOT to use XAMPP for real server, just for developement.

Re: Security on XAMPP version: 1.7.2

PostPosted: 17. December 2010 01:34
by xfsgpr
WilliL wrote:this picture shows that minimum secure is done. It doesn't secure your php scripts.
it's suggested NOT to use XAMPP for real server, just for developement.


Can you recommend a site where I can find out more about how to secure my php scripts.

Thanks.

Re: Security on XAMPP version: 1.7.2

PostPosted: 17. December 2010 17:47
by WilliL
some excemples
German http://www.tecchannel.de/webtechnik/webserver/2018831/apache_konfiguration_tipps_fuer_sicherheit_security_optimierung_webserver/index2.html
English http://www.phpwact.org/security/web_application_security
English http://www.cgisecurity.com/owasp/html/
English http://www.owasp.org/index.php/Category:Vulnerability

Google search SQL-Injection, Session fixation, hijacking, header injection, CSFR/XSRF attack, Session Riding

don't be afraid ;) a lot to read I think its important to know and most parts can be excluded by validating every input (user, header, url)

Re: Security on XAMPP version: 1.7.2

PostPosted: 18. December 2010 03:10
by xfsgpr
Thanks WiliL. Some reading for this Christmas!

Regards and Merry Christmas.
All times are UTC + 1 hour
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/