I heard that XAMPP is for development and testing uses only, but what if I want to use it for real production uses? How can I make it secure for this case?
Please give me some directions and pointings, thank you!
str1 wrote:if all is fine on that side, my opinion is that XAMPP is (almost) as good as LAMP if all neccessary configurations are done properly.
cristianpark wrote:HI thought that /opt/lampp/lampp security was made for securying
cristianpark wrote:In production, software updates are low (at least they are security related, even though, mostly security updates sadly are also ignored) so I think that if there isn't any big major security related patch, you can skip that
cristianpark wrote:correct me if I'm wrong, but you can recompile PHP (with the same version but with bug fixes) bundled with XAMPP (as you do for install extensions like PECL). Talking about updates, if you are using GNU/Linux and install from repos, you'll face the same because the versions depends on your S.O version (let's say Ubuntu 11.10 have PHP 5.3.6-13), if you compile manually PHP/Apache, you have to do new compile new version again (as far as I know) and you end in the same situation.
cristianpark wrote:I like to know if there are other reasons for not to use XAMPP on production environments because I have it in two servers and no trouble so far (about 4 years in one)
I know, but they aren't applyed mostly on enterprises, they aren't updating/upgrading on regular basis. I know it shouldn't happen, but in my experience, it doesAltrea wrote:Simply take a look into the Apache/MySQL/PHP changelogs for security or stability related updates. On a live webserver updates are very important.
How will you know wether I'm asking for support on a production or development environment? . Just kidding but in fact you can'tAltrea wrote:It is your software and your server, so you can do whatever you want (but we will not provide any support for in production environment running XAMPP installations).
Zend Server CE has deb/rpm packages but it's no easy install on any distro that uses another package system, also, if you install the package like that, you have to upgrade when needed and so on, just like the problem with XAMPP IMHO. I can read between lines (when you talk about Windows version) that in a GNU/Linux OS, XAMPP is usable on production environment with the changes of services unwanted, am I wrong?Altrea wrote:Personally I don't understand why people don't use the correct tool for their tasks, especially if they are available for free (Zend Server CE is certified and tested for production environments, and nearly as easy to install as XAMPP).
best wishes,
Altrea
cristianpark wrote:sorry for the question but are you a XAMPP Developer?
cristianpark wrote:I know, but they aren't applyed mostly on enterprises, they aren't updating/upgrading on regular basis.
cristianpark wrote:How will you know wether I'm asking for support on a production or development environment? . Just kidding but in fact you can't
cristianpark wrote:I can read between lines (when you talk about Windows version) that in a GNU/Linux OS, XAMPP is usable on production environment with the changes of services unwanted, am I wrong?
kashif0747 wrote:Isn't it possible to give options for passwords etc. while installing xampp or make another version for production purpose?
Users browsing this forum: No registered users and 144 guests