How to make sure my XAMPP FileZilla server is working securely

Posted: 01. February 2012 04:38
Hi everyone.

Recently I created an internet FTP server with the FileZilla Server in XAMPP 1.7.7 for Windows.

The service structure is like below:

Windows XP (XAMPP 1.7.7), FTP server on port 9002 ---- ADSL router (port forwarding for 9002) ---- DDNS ---- internet ---- user

Settings in FileZilla Server:

I changed the FTP service port from 21 to 9002 and use passive mode.
Opened 9110-9130 as the data connection ports.
Changed the admin port for FileZilla Server to 9900 and added a long enough admin password.
Allowed anyone from any IP address to visit this FTP service.

I heard lots of people say that using XAMPP to set up a production environment is not safe enough.

I want to know what kind of security challenges I'll face in the future for this FTP service. Do I need to do anything else to secure this service?

Posted: 02. February 2012 00:01
by hackattack142
Well, if you only intend on making FTP available outside and not the other XAMPP modules, that is not so bad. I do not think there are any (publicly) known vulnerabilities for FileZilla Server right now. Without knowing what you intend to use it for, you may want to get rid of the anonymous user and make sure all users have adequate quotas (you do not want anyone filling up your HDD). It would be good to make sure the admin interface is not reachable from the outside.

The production environment comment mostly applies to the other components of XAMPP (Apache, PHP, etc.).
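
Two points from the reply above can be checked remotely: that the anonymous user is gone and that the admin interface is not reachable from outside. The following is an added example, not part of the original thread. It assumes the ports given in the question (9002 for FTP, 9900 for the admin interface); the function names are illustrative.

```python
import socket
import sys
from ftplib import FTP, all_errors

FTP_PORT = 9002    # FTP control port from the question
ADMIN_PORT = 9900  # FileZilla Server admin port from the question

def tcp_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port can be established."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def anonymous_allowed(host, port, timeout=5.0):
    """True if the server accepts a login as user 'anonymous'."""
    ftp = FTP()
    try:
        ftp.connect(host, port, timeout=timeout)
        ftp.login()  # ftplib logs in as 'anonymous' when no user is given
        return True
    except all_errors:  # refused login (5xx), timeout, dropped connection
        return False
    finally:
        ftp.close()

def audit(host, ftp_port=FTP_PORT, admin_port=ADMIN_PORT):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    if tcp_open(host, admin_port):
        findings.append(f"admin port {admin_port} is reachable")
    if not tcp_open(host, ftp_port):
        findings.append(f"FTP port {ftp_port} is not reachable")
    elif anonymous_allowed(host, ftp_port):
        findings.append("anonymous login is accepted")
    return findings

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_ftp.py <your-ddns-hostname>")
    # Run from a machine outside the LAN so the connection goes through
    # the router's port forwarding, as an internet user's would.
    results = audit(sys.argv[1])
    for line in results:
        print("FINDING:", line)
    sys.exit(1 if results else 0)
```

Quotas cannot be verified this way; they have to be checked per user in the FileZilla Server settings.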