New XAMPP security concept:

Problems with the Windows version of XAMPP, questions, comments, and anything related.

New XAMPP security concept:

Postby JD1pinoy » 18. August 2011 14:10

Hi im new here.. Can anyone help me with the issue i am encountering.

I know this was posted so many times but I can't search for a topic which matches the issue.

Access to the requested directory is only available from the local network.

This setting can be configured in the file "httpd-xampp.conf".

I am using DynDNS IP to access my webpage.
Posts: 1
Joined: 18. August 2011 13:36

Re: New XAMPP security concept:

Postby Nobbie » 18. August 2011 14:37


The philosophy

The philosophy behind XAMPP is to build an easy to install distribution for developers to get into the world of Apache. To make it convenient for developers XAMPP is configured with all features turned on.

The default configuration is not good from a securtiy point of view and it's not secure enough for a production environment - please don't use XAMPP in such environment.


A matter of security (A MUST READ!)

* The XAMPP security console

As mentioned at another place, XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.
Posts: 7237
Joined: 09. March 2008 13:04

Re: New XAMPP security concept:

Postby Altrea » 18. August 2011 18:31

That should be a sticky...
...and every new post with the key words "New XAMPP security concept" should be denied with a hint to that sticky. :D

NEVER use XAMPP over the internet, unless you know really everything about webserver security, especially how to harden a xampp for production environment

P.P.S.: The font size can't be big enough, i think 8)
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
AF Moderator
Posts: 7027
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: Windows 10 Pro x64

Re: New XAMPP security concept:

Postby ScaryLarry420 » 15. January 2013 05:52

Okay here is MY problem. I have been using xampp for win 32 since 1.3 something for 5+yrs and never had 1 single break in security. So for the record, that task I undertook then, took 2 yrs of hard research and every spare moment of my time and learning Apache PHP FTP and oh my god mercury mail and Pegasus and well then to get the tomcat server and all working in harmony with MY program for four (4) years. So you want horror stories I can tell a few with the best of them.
I understand noob stuff okay I get it but some of us didn't need to be protected from ourselves! :roll:
I Could understand if I was a for profit and/or was making money off of the programs but i just run a FREE game server with stats and the game is still popular get hits all the time till this
Okay have I ranted enough for the 4 years of bragging about you and your awesome Group and their Programs? if so please tell me the secret to undo this at "my own risk", which I agreed to when I downloaded it all those years ago :?
E:/xampp/apache/conf/extra/httpd-xampp.conf: I know the problems only start here here
server running win 2003 std ed present xampp 1.7.3 12 gig ram with twin xeons days over so ill check 1-15-13 gmt +7 or MST around 10 am local time please help
On a more personal note I live close to Apache Jct Arizona USA and i shudder at the though of not using Apache
Posts: 1
Joined: 19. June 2010 16:40

Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 64 guests