Page 1 of 1
XAMPP Example Pages
Posted:
17. May 2011 11:07by yaniyani
Hi Newbie here,
I've found out in my website that cross site scripting (XSS) is possible on the example pages. Is it advisable to disable these? How can I disable example pages or remove it from public access?
Many thanks in advance
Re: XAMPP Example Pages
Posted:
17. May 2011 11:55by Altrea
The example pages are just for php functionality and modules testing.
You can use them as a starting point for your own applications if you want to.
But because XAMPP is not made for prodoction environments there is no focus on XSS for these scripts.
XAMPP shouldn't be accessed from public except you have the knowledge how to harden all the components to get them all secure enough for internet access.
Re: XAMPP Example Pages
Posted:
17. May 2011 12:11by yaniyani
Thanks Altrea for the quick reply
How can access from public be removed?
Re: XAMPP Example Pages
Posted:
17. May 2011 12:49by Altrea
By default the XAMPP Backend since XAMPP 1.7.3 will not be accessible from the internet, just from localhost.
And if you don't forward requests in your firewall to your pc, your whole XAMPP is not accessible from the internet (which is highly recommend)