Safety Issues?

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Safety Issues?

Postby ErkiB » 09. May 2012 21:33

Hey, Im new to Apachefriends board and I just recently created a website but would like to download Wordpress onto my PC so I can try different themes and all the other good stuff. Now right before trying to download, I found a tutorial on how to download Xampp and that it would make things hassle free for me.

LINK: http://www.tamba2.org.uk/wordpress/xampp/

Now this tutorial seems legit but I just wanted to check with you guys if this is a good tutorial and I should just follow it?

Thank you , Much appreciated.
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby JonB » 09. May 2012 21:39

Well its a bit old, but there's nothing there that is really wrong either. Its for very outdated versions of XAMPP and WordPress, so things may look a bit different.

Good Luck
8)
User avatar
JonB
AF Moderator
 
Posts: 3210
Joined: 12. April 2010 16:41
Location: Land of the Blazing Sun
Operating System: Windows XP/7 - Fedora 15 1.7.7

Re: Safety Issues?

Postby ErkiB » 09. May 2012 21:41

Thank you for a quick reply, Much appreciated.

Do you know where I could find an updated tutorial or a better version? You might not know any but maybe you do :), Worth the shot of asking,
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby Altrea » 09. May 2012 21:57

Hi ErkiB,
ErkiB wrote:LINK: http://www.tamba2.org.uk/wordpress/xampp/

Now this tutorial seems legit but I just wanted to check with you guys if this is a good tutorial and I should just follow it


Well, this Tutorial is quite old, so here are some suggestions:
  • Don't use the mentioned XAMPPLite1.4.16.exe Version, because it is quite old. Use the XAMPP 1.7.7 .zip Version, because the current zip version makes the fewest problems.
  • use the new xampp control panel v3 which comes as Beta with the current XAMPP version, instead the default one
  • you just need to execute the setup_xampp.bat file once after extraction, not before every start
  • There are some problems with current Windows versions. So be sure that you...
    • ...extract XAMPP directly in your C:\ directory, NOT in your programs folder or your profile folder
    • ...start the control panel with higher administrative priviledges (rightclick context menu -> run as administrator)
    • ...haven't installed IIS and that your ports 80, 443 and 3306 are free (use the XAMPP control panel v3 netstat portcheck)
    • ...if you having problems with connection with phpmyadmin, search for the bind-address solution with the board search
  • phpmyadmin has changed a little bit. The menu for creating databases is now inside the databases tab
  • You shouldn't only create a new database, you should create a new user (with limited permissions) for that database too.
  • you don't need to request the page http://localhost/xampp/splash.php - http://localhost/ should redirect you directly to the XAMPP Page
  • instead of using the DBUser root in your Wordpress-configuration, use the one you newly created

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Safety Issues?

Postby ErkiB » 09. May 2012 22:02

Thank you very much, Its greatly appreciated :)

I will now try to install it on mu Laptop and see how it goes.
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby Altrea » 10. May 2012 05:23

Have fun and give us a feedback :D
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Safety Issues?

Postby ErkiB » 11. May 2012 01:00

I just started downloading it and I have a quick question about Service Section during installation process.

Should I check any boxes under Service Section

Install Apache as Service
Install MySQL as Service
Install Filezilla as Service

Should I check any of those boxes?
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby ErkiB » 11. May 2012 01:21

"•The MySQL administrator (root) has no password.
•The MySQL daemon is accessible via network.
•phpMyAdmin is accessible via network.
•The XAMPP demopage is accessible via network.
•The default users of Mercury and FileZilla are known."

Also how risky is using Xampp in general? I mean I want to keep creating my website and do it safely, I will probably be publishing new articles on a daily basis.
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby Altrea » 11. May 2012 04:43

ErkiB wrote:Should I check any boxes under Service Section

That depends on your own needs. Do you want, that Apache, MySQL and/or FileZilla Server are starting automatically with your Windows start (independend if you want to use them at the time or not)? If that is the case, then maybe Services can be interesting for you.

I for example:
  • don't want, that several ports are accessible exept i need to use the,
  • use several testing and development stacks on the same machine for compatibility testing and want to choose myself which stack i want to start, because Windows can't know that
  • just need 5 seconds to start the shortcut(s) of my control panel(s) on my desktop and click on the start buttons. Thats no effort for me.
  • have full control over my processes, especially the error reporting of them. Windows services log some errors in the Windows event log, some in their log files.
  • have installed some XAMPP Stacks on USB devices which don't get the same drive letter every use. Services need a static drive letter

If you want to use Services, just register them is everything is starting successful. Services can make some troubles which you won't have without them.

ErkiB wrote:Also how risky is using Xampp in general? I mean I want to keep creating my website and do it safely,

That highly depends on how many people are on the same network as you are / can use your computer.
If you are the only person in your network and use a firewall or router with integrated firewall, you are quite safe if you don't free/forward the ports in your firewall.
If you don't need some components or don't know what they are doing (FileZilla, Mercury, Tomcat) simply don't start them.

To enhance the local database security you can set a new password for the mysql user root and configure phpMyAdmin to show a login screen.
But by default phpMyAdmin and MySQL are only accessible in your very own computer.

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Safety Issues?

Postby ErkiB » 11. May 2012 12:30

Thanks a lot, Its very helpful to know these things as I have never tried anything like this with my site before.

When I tried to enter PHPmyAdmin I got a #2002 error? Any idea as to why? I followed all the steps.
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby ErkiB » 27. May 2012 00:23

I fixed the error and now everything is fine but I have one question.

If you see the tutorial I posted in the first thread it says to put in UTF8... when creating a database, I just want to ask as to why it has to be utf8 unicode ci?
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby Altrea » 27. May 2012 10:28

ErkiB wrote:I just want to ask as to why it has to be utf8 unicode ci?

The UTF-8 charset contains the characters of most languages of the world. Choosing it is a good idea, because it is not worth mentioning slower than local charsets like latin1.

The other parts of the encoding name defines the sort method. In most cases utf8_general_ci is the best choice because it is a little bit faster on sorting queries then utf8_unicode_ci.
More to read here: http://forums.mysql.com/read.php?103,18 ... msg-188748

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Safety Issues?

Postby ErkiB » 29. May 2012 16:15

Thank you, I really appreciate the help, Im new to using Xampp and in general used to edit my page through another website so this is kinda new to me.

I still have a question about adding a password to my root, should I add New User?
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Re: Safety Issues?

Postby Altrea » 29. May 2012 18:24

You are welcome.

ErkiB wrote:I still have a question about adding a password to my root, should I add New User?

You should create a new user for every unique webapplication (e.g. one user for joomla, one for wordpress, one for phpBB, one for your self programmed application xyz, etc). None of these users should have global rights, just rights in database level on the single database of that single application.
Every of these user should have it's own secure password.

The user root should have a very secure password too and should only be used for global database administration (creating new databases, adding new users, etc).

That's what i would recommend for production environments, but can't hurt for local testing and development environments too :D

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Safety Issues?

Postby ErkiB » 07. July 2012 23:59

First and foremost Im pretty busy so I apologize for long gaps between questions Im having.

I did create a new user and I definetly understand what your talking about when it comes to the users and all. I do have a couple of questions though. Do I need to change any privileges the 127.0.0.1 and localhost have?

Also, When I click on databases, there are a number of other databases aside from Wordpress, I was just wondering If there was anything I needed to know about the other ones on the list like... cdcol,test...?

Thank you
ErkiB
 
Posts: 12
Joined: 09. May 2012 20:47
Operating System: Windows 7

Next

Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 52 guests