Apache Friends Support Forum

Skip to content

XAMPP directory not accessible over local network

Problems with the Windows version of XAMPP, questions, comments, and anything related.
Forum rules
Post a reply

XAMPP directory not accessible over local network

Postby steve_t » 22. December 2014 15:30

Hello,

(Deleted post from below and reframed question here.)

XAMPP version: xampp-win32-5.6.3-0-VC11-installer.exe

XAMPP installation: 1.) Components: Apache, MySQL, PHP, phpMyAdmin. 2.) Installation folder: C:\xampp. 3.) All other settings are the default except; a.) Unselect (uncheck) Learn more about Bitnami for XAMPP, and b.) Unselect (uncheck) Do you want to start the Control Panel now? I restart computer before starting XAMPP Control Panel.

Issue witnessed when XAMPP is installed on: Windows Vista Ult 32 SP2, Windows 7 Pro 64 SP1, Windows 8 Pro 64, Windows 8.1 Pro 64.

---

Issue: It appears that, by default, XAMPP directory access over local network is disabled:
1.) Local network is 192.168.0.x.
2.) Computer with XAMPP installed (host) is 192.168.0.5.
3.) Computer trying to connect to host XAMPP directory (client) is 192.168.0.12.
4.) On host, start XAMPP and then start Apache and MySQL.
5.) On client, point Web browser to http://192.168.0.5/xampp/.
6.) On client, instead of reaching authorized/unauthorized access to the XAMPP directory, the following appears: Access forbidden! New XAMPP security concept: Access to the requested object is only available from local network. This setting can be configured in the file "http-xampp.conf".
7.) For logs, the last time client tried to access host XAMPP directory and received Access forbidden! New XAMPP security concept was 17 Dec 2014 22:07.

Fix: It appears that the following enables XAMPP directory access over local network:
1.) Either comment out the following line (~line 122) from near the bottom of C:\xampp\apache\conf\extra\httpd-xampp.conf:
Require local.
2.) Or comment out the following section of lines (~lines 121-124) at the bottom of C:\xampp\apache\conf\extra\httpd-xampp.conf:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

After comment out the line(s) "Access forbidden! New XAMPP security concept" does not appear, and then reach unauthenticated/authenticated access to the XAMPP directory depending on whether or not a XAMPP directory username/password was provided.

Questions: From the description above, it appears that, by default, XAMPP directory access over local network is disabled. Is this true and/or by design? If yes, then is the correct "fix" to enable XAMPP directory access over local network to comment out line 122 or lines 121-124? Or is there a better way or am I missing something?

Code: Select all
httpd-xampp.conf

#
# XAMPP settings
#

<IfModule env_module>
    SetEnv MIBDIRS "C:/xampp/php/extras/mibs"
    SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
    SetEnv OPENSSL_CONF "C:/xampp/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
    SetEnv PHPRC "\\xampp\\php"
    SetEnv TMP "\\xampp\\tmp"
</IfModule>

#
# PHP-Module setup
#
LoadFile "C:/xampp/php/php5ts.dll"
LoadFile "C:/xampp/php/libpq.dll"
LoadModule php5_module "C:/xampp/php/php5apache2_4.dll"

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
#    SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
#    Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>


<IfModule php5_module>
    PHPINIDir "C:/xampp/php"
</IfModule>

<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "C:/xampp/php/"
<Directory "C:/xampp/php">
    AllowOverride None
    Options None
    Require all denied
    <Files "php-cgi.exe">
          Require all granted
    </Files>
</Directory>

<Directory "C:/xampp/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "C:/xampp/htdocs/xampp">
    <IfModule php5_module>
       <Files "status.php">
          php_admin_flag safe_mode off
       </Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>
    Alias /security "C:/xampp/security/htdocs/"
    <Directory "C:/xampp/security/htdocs">
        <IfModule php5_module>
          <Files "xamppsecurity.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
        Require all granted
   </Directory>

    Alias /licenses "C:/xampp/licenses/"
    <Directory "C:/xampp/licenses">
        Options +Indexes
        <IfModule autoindex_color_module>
            DirectoryIndexTextColor  "#000000"
            DirectoryIndexBGColor "#f8e8a0"
            DirectoryIndexLinkColor "#bb3902"
            DirectoryIndexVLinkColor "#bb3902"
            DirectoryIndexALinkColor "#bb3902"
        </IfModule>
        Require all granted
   </Directory>

    Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
    <Directory "C:/xampp/phpMyAdmin">
        AllowOverride AuthConfig
        Require all granted
    </Directory>

    Alias /webalizer "C:/xampp/webalizer/"
    <Directory "C:/xampp/webalizer">
        <IfModule php5_module>
          <Files "webalizer.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
        Require all granted
    </Directory>
</IfModule>

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
        Require local
   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>


Code: Select all
.htaccess

AuthName "xampp user"
AuthType Basic
AuthUserFile "C:\xampp\security\xampp.users"
require valid-user


Code: Select all
xampp.users

xamppAdmin:$apr1$d6H5m2RO$LIp44BSQgGCNUE6gC3a4S1


Code: Select all
XAMPP Control Panel log from XAMPP Control Panel itself

10:01:20 PM  [main]    Initializing Control Panel
10:01:20 PM  [main]    Windows Version: Windows 7 Professional SP1 64-bit
10:01:20 PM  [main]    XAMPP Version: 5.6.3
10:01:20 PM  [main]    Control Panel Version: 3.2.1  [ Compiled: May 7th 2013 ]
10:01:20 PM  [main]    You are not running with administrator rights! This will work for
10:01:20 PM  [main]    most application stuff but whenever you do something with services
10:01:20 PM  [main]    there will be a security dialogue or things will break! So think
10:01:20 PM  [main]    about running this application with administrator rights!
10:01:20 PM  [main]    XAMPP Installation Directory: "c:\xampp\"
10:01:20 PM  [main]    Checking for prerequisites
10:01:43 PM  [main]    All prerequisites found
10:01:43 PM  [main]    Initializing Modules
10:01:43 PM  [main]    The FileZilla module is disabled
10:01:43 PM  [main]    The Mercury module is disabled
10:01:43 PM  [main]    The Tomcat module is disabled
10:01:43 PM  [main]    Starting Check-Timer
10:01:43 PM  [main]    Control Panel Ready
10:01:47 PM  [Apache]    Attempting to start Apache app...
10:01:51 PM  [Apache]    Status change detected: running
10:01:59 PM  [mysql]    Attempting to start MySQL app...
10:02:00 PM  [mysql]    Status change detected: running


Code: Select all
access.log

::1 - - [17/Dec/2014:17:07:56 -0500] "GET /xampp/ HTTP/1.1" 302 167 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:56 -0500] "GET /xampp/splash.php HTTP/1.1" 200 1325 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:56 -0500] "GET /xampp/xampp.css HTTP/1.1" 200 4178 "http://localhost/xampp/splash.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:56 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 200 43 "http://localhost/xampp/splash.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:56 -0500] "GET /xampp/img/xampp-logo.jpg HTTP/1.1" 200 19738 "http://localhost/xampp/splash.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:56 -0500] "GET /favicon.ico HTTP/1.1" 200 7782 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/lang.php?en HTTP/1.1" 302 - "http://localhost/xampp/splash.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/index.php HTTP/1.1" 200 595 "http://localhost/xampp/splash.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/head.php HTTP/1.1" 200 1393 "http://localhost/xampp/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/start.php HTTP/1.1" 200 2710 "http://localhost/xampp/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/head-windows.gif HTTP/1.1" 200 1362 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/head-for.gif HTTP/1.1" 200 791 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/navi.php HTTP/1.1" 200 3483 "http://localhost/xampp/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/xampp-logo-new.gif HTTP/1.1" 200 4878 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/xampp.js HTTP/1.1" 200 573 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/strichel.gif HTTP/1.1" 200 61 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/bitnami-xampp.png HTTP/1.1" 200 22133 "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:07:58 -0500] "GET /xampp/img/apachefriends.gif HTTP/1.1" 200 979 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/lang.php?en HTTP/1.1" 302 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/index.php HTTP/1.1" 200 584 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/head.php HTTP/1.1" 200 965 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/navi.php HTTP/1.1" 200 2402 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/logo-small.gif HTTP/1.1" 200 509 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/blank.gif HTTP/1.1" 200 43 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/xampp.css HTTP/1.1" 200 4663 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/xampp.js HTTP/1.1" 200 573 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/head-xampp.gif HTTP/1.1" 200 1404 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/head-for.gif HTTP/1.1" 200 791 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/head-windows.gif HTTP/1.1" 200 1478 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/strichel.gif HTTP/1.1" 200 61 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/img/apachefriends.gif HTTP/1.1" 200 979 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:01 -0500] "GET /security/security.php HTTP/1.1" 200 7164 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:02 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:02 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:02 -0500] "GET /security/img/xampp.ico HTTP/1.1" 200 30894 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:16 -0500] "GET /security/security.php HTTP/1.1" 200 7164 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:17 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:17 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:17 -0500] "GET /security/img/blank.gif HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:17:08:17 -0500] "GET /security/img/strichel.gif HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/ HTTP/1.1" 200 595 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/head.php HTTP/1.1" 200 1393 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/start.php HTTP/1.1" 200 2710 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/xampp.css HTTP/1.1" 200 4178 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 200 43 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/head-windows.gif HTTP/1.1" 200 1362 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/head-for.gif HTTP/1.1" 200 791 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/xampp-logo-new.gif HTTP/1.1" 200 4878 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/bitnami-xampp.png HTTP/1.1" 200 22133 "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/navi.php HTTP/1.1" 200 3483 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/xampp.js HTTP/1.1" 200 573 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/strichel.gif HTTP/1.1" 200 61 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /xampp/img/apachefriends.gif HTTP/1.1" 200 979 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:49:48 -0500] "GET /favicon.ico HTTP/1.1" 200 7782 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/lang.php?en HTTP/1.1" 302 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/index.php HTTP/1.1" 200 584 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/head.php HTTP/1.1" 200 965 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/navi.php HTTP/1.1" 200 2402 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/logo-small.gif HTTP/1.1" 200 509 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/blank.gif HTTP/1.1" 200 43 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/xampp.js HTTP/1.1" 200 573 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/xampp.css HTTP/1.1" 200 4663 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/head-windows.gif HTTP/1.1" 200 1478 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/head-xampp.gif HTTP/1.1" 200 1404 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/head-for.gif HTTP/1.1" 200 791 "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/strichel.gif HTTP/1.1" 200 61 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/img/apachefriends.gif HTTP/1.1" 200 979 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:09 -0500] "GET /security/security.php HTTP/1.1" 200 7164 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:11 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:11 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:11 -0500] "GET /security/img/xampp.ico HTTP/1.1" 200 30894 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:43 -0500] "GET /security/xamppsecurity.php HTTP/1.1" 200 4185 "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:20:50:43 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:00:47 -0500] "GET /security/security.php HTTP/1.1" 200 7164 "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:00:48 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:00:48 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:10:50 -0500] "GET /security/xamppsecurity.php HTTP/1.1" 200 4185 "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:10:50 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:11:30 -0500] "POST /security/xamppsecurity.php HTTP/1.1" 200 4393 "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:11:30 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:31 -0500] "GET /xampp/ HTTP/1.1" 200 595 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/head.php HTTP/1.1" 200 1393 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/start.php HTTP/1.1" 200 2710 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/navi.php HTTP/1.1" 200 3483 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/xampp-logo-new.gif HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/head-for.gif HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/head-windows.gif HTTP/1.1" 304 - "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/bitnami-xampp.png HTTP/1.1" 304 - "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/xampp.js HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/apachefriends.gif HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:32 -0500] "GET /xampp/img/strichel.gif HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/lang.php?en HTTP/1.1" 302 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/index.php HTTP/1.1" 200 584 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/head.php HTTP/1.1" 200 965 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/navi.php HTTP/1.1" 200 2402 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/blank.gif HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/head-for.gif HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/logo-small.gif HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/head-xampp.gif HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/head-windows.gif HTTP/1.1" 304 - "http://localhost/security/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/apachefriends.gif HTTP/1.1" 304 - "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/img/strichel.gif HTTP/1.1" 304 - "http://localhost/security/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:35 -0500] "GET /security/security.php HTTP/1.1" 200 6868 "http://localhost/security/index.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:36 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:36 -0500] "GET /security/xampp.js HTTP/1.1" 304 - "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:38 -0500] "GET /security/xamppsecurity.php HTTP/1.1" 200 4185 "http://localhost/security/security.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:38 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:52 -0500] "POST /security/xamppsecurity.php HTTP/1.1" 200 4335 "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:21:50:52 -0500] "GET /security/xampp.css HTTP/1.1" 304 - "http://localhost/security/xamppsecurity.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/ HTTP/1.1" 200 595 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/head.php HTTP/1.1" 200 1393 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/xampp.css HTTP/1.1" 200 4178 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/start.php HTTP/1.1" 200 2710 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 200 43 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/img/head-for.gif HTTP/1.1" 200 791 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/img/xampp-logo-new.gif HTTP/1.1" 200 4878 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/img/head-windows.gif HTTP/1.1" 200 1362 "http://localhost/xampp/head.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/img/bitnami-xampp.png HTTP/1.1" 200 22133 "http://localhost/xampp/start.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:37 -0500] "GET /xampp/navi.php HTTP/1.1" 200 3483 "http://localhost/xampp/" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/xampp.js HTTP/1.1" 200 573 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/xampp.css HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/img/blank.gif HTTP/1.1" 304 - "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/img/apachefriends.gif HTTP/1.1" 200 979 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /xampp/img/strichel.gif HTTP/1.1" 200 61 "http://localhost/xampp/navi.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
::1 - - [17/Dec/2014:22:02:38 -0500] "GET /favicon.ico HTTP/1.1" 200 7782 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
192.168.0.12 - - [17/Dec/2014:22:07:32 -0500] "GET /xampp/ HTTP/1.1" 403 1202 "-" "Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0"
192.168.0.12 - - [17/Dec/2014:22:07:34 -0500] "GET /favicon.ico HTTP/1.1" 200 7782 "-" "Mozilla/5.0 (Windows NT 6.1; rv:34.0) Gecko/20100101 Firefox/34.0"


Code: Select all
error.log

[Wed Dec 17 17:04:03.835937 2014] [ssl:warn] [pid 2816:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 17:04:04.132812 2014] [ssl:warn] [pid 2816:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 17:04:06.523437 2014] [mpm_winnt:notice] [pid 2816:tid 252] AH00455: Apache/2.4.10 (Win32) OpenSSL/1.0.1i PHP/5.6.3 configured -- resuming normal operations
[Wed Dec 17 17:04:06.523437 2014] [mpm_winnt:notice] [pid 2816:tid 252] AH00456: Apache Lounge VC11 Server built: Jul 17 2014 11:50:08
[Wed Dec 17 17:04:06.523437 2014] [core:notice] [pid 2816:tid 252] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Wed Dec 17 17:04:06.523437 2014] [mpm_winnt:notice] [pid 2816:tid 252] AH00418: Parent: Created child process 11732
[Wed Dec 17 17:04:07.335937 2014] [ssl:warn] [pid 11732:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 17:04:07.679687 2014] [ssl:warn] [pid 11732:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 17:04:07.742187 2014] [mpm_winnt:notice] [pid 11732:tid 264] AH00354: Child: Starting 150 worker threads.
[Wed Dec 17 20:49:37.606445 2014] [ssl:warn] [pid 996:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 20:49:37.715820 2014] [core:warn] [pid 996:tid 252] AH00098: pid file C:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed Dec 17 20:49:37.918945 2014] [ssl:warn] [pid 996:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 20:49:37.965820 2014] [mpm_winnt:notice] [pid 996:tid 252] AH00455: Apache/2.4.10 (Win32) OpenSSL/1.0.1i PHP/5.6.3 configured -- resuming normal operations
[Wed Dec 17 20:49:37.965820 2014] [mpm_winnt:notice] [pid 996:tid 252] AH00456: Apache Lounge VC11 Server built: Jul 17 2014 11:50:08
[Wed Dec 17 20:49:37.965820 2014] [core:notice] [pid 996:tid 252] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Wed Dec 17 20:49:37.997070 2014] [mpm_winnt:notice] [pid 996:tid 252] AH00418: Parent: Created child process 3336
[Wed Dec 17 20:49:38.809570 2014] [ssl:warn] [pid 3336:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 20:49:39.075195 2014] [ssl:warn] [pid 3336:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 20:49:39.184570 2014] [mpm_winnt:notice] [pid 3336:tid 264] AH00354: Child: Starting 150 worker threads.
Adding password for user xamppAdmin
[Wed Dec 17 21:51:06.875000 2014] [ssl:warn] [pid 1444:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 21:51:06.937500 2014] [core:warn] [pid 1444:tid 252] AH00098: pid file C:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed Dec 17 21:51:07.140625 2014] [ssl:warn] [pid 1444:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 21:51:07.187500 2014] [mpm_winnt:notice] [pid 1444:tid 252] AH00455: Apache/2.4.10 (Win32) OpenSSL/1.0.1i PHP/5.6.3 configured -- resuming normal operations
[Wed Dec 17 21:51:07.187500 2014] [mpm_winnt:notice] [pid 1444:tid 252] AH00456: Apache Lounge VC11 Server built: Jul 17 2014 11:50:08
[Wed Dec 17 21:51:07.187500 2014] [core:notice] [pid 1444:tid 252] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Wed Dec 17 21:51:07.187500 2014] [mpm_winnt:notice] [pid 1444:tid 252] AH00418: Parent: Created child process 4052
[Wed Dec 17 21:51:08.015625 2014] [ssl:warn] [pid 4052:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 21:51:08.281250 2014] [ssl:warn] [pid 4052:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 21:51:08.312500 2014] [mpm_winnt:notice] [pid 4052:tid 264] AH00354: Child: Starting 150 worker threads.
[Wed Dec 17 22:01:52.221679 2014] [ssl:warn] [pid 2908:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 22:01:52.346679 2014] [core:warn] [pid 2908:tid 252] AH00098: pid file C:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Wed Dec 17 22:01:52.565429 2014] [ssl:warn] [pid 2908:tid 252] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 22:01:52.596679 2014] [mpm_winnt:notice] [pid 2908:tid 252] AH00455: Apache/2.4.10 (Win32) OpenSSL/1.0.1i PHP/5.6.3 configured -- resuming normal operations
[Wed Dec 17 22:01:52.596679 2014] [mpm_winnt:notice] [pid 2908:tid 252] AH00456: Apache Lounge VC11 Server built: Jul 17 2014 11:50:08
[Wed Dec 17 22:01:52.596679 2014] [core:notice] [pid 2908:tid 252] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Wed Dec 17 22:01:52.643554 2014] [mpm_winnt:notice] [pid 2908:tid 252] AH00418: Parent: Created child process 1668
[Wed Dec 17 22:01:53.971679 2014] [ssl:warn] [pid 1668:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 22:01:54.346679 2014] [ssl:warn] [pid 1668:tid 264] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Wed Dec 17 22:01:54.393554 2014] [mpm_winnt:notice] [pid 1668:tid 264] AH00354: Child: Starting 150 worker threads.
[Wed Dec 17 22:07:32.893554 2014] [authz_core:error] [pid 1668:tid 1660] [client 192.168.0.12:49177] AH01630: client denied by server configuration: C:/xampp/htdocs/xampp/


Code: Select all
php_error_log.txt

[17-Dec-2014 23:07:56 Europe/Berlin] PHP Warning:  file_get_contents(lang.tmp): failed to open stream: No such file or directory in C:\xampp\htdocs\xampp\index.php on line 2


Regards

Steve
steve_t
 
Posts: 15
Joined: 18. December 2014 04:28
XAMPP version: 5.6.24
Operating System: Windows Vista/7/8.1/10
Top

Re: XAMPP directory not accessible over local network

Postby gsmith » 22. December 2014 16:51

That was much easier to read :)

Anyhow, you're running into merging order in how <Location> is merged in the config, and it so happens to be merged in after <Directory> and .htaccess thereby overwriting the .htaccess's Require statement of valid-user.

See: http://httpd.apache.org/docs/2.4/sections.html#merging
Take note on the last example in that section.

So in your post at viewtopic.php?f=16&t=70000#p239850 I guess you are kind of sort of right but as you understand it (and obviously others as well) in that for it to work as you think it should, you would need to add Require valid-user to that Location container. On the other hand not really since that .htpasswd file generated can be used again elsewhere, for things not covered by that <Location> container and it would probably take three installer pages or more to explain it all in detail.

I think the purpose for that Location container is to keep these things accessible only by the local administrator and no one else (or no other computer) especially since you really don't want just anyone playing with phpmyadmin and trying to brute force the password. Most folk installing xampp do not know all the ins and outs and it is simply safer to contain these things to the local computer. Misconfiguration's can be problematic at best.
gsmith
 
Posts: 278
Joined: 29. November 2013 18:04
Location: San Diego
XAMPP version: 0.0.0
Operating System: Win 10/2012R VS 14,15,16
Top

Re: XAMPP directory not accessible over local network

Postby Altrea » 23. December 2014 01:23

steve_t wrote:Questions: From the description above, it appears that, by default, XAMPP directory access over local network is disabled. Is this true and/or by design?

Access to the very sensitive parts of XAMPP is restricted for every request exept the XAMPP server itself by design.
XAMPP uses very well known default security settings (passwords, methods) so that access must be restricted to protect beginner users.
Search Google for hacked XAMPP servers and you will find a whole bunch of them.

steve_t wrote:If yes, then is the correct "fix" to enable XAMPP directory access over local network to comment out line 122 or lines 121-124?

No.
The question is: Wy should a whole network should have access to the sensitive parts of XAMPP?

steve_t wrote:Or is there a better way or am I missing something?

The recommend way is to leave it as it is, only accessible for the XAMPP server.
Administrators have commonly access to the XAMPP server so that should not be a problem.

If there are really really good reasons to make one section accessible for a bigger group of people (for example phpmyadmin to administrate databases) this single component (and nothing more) should get removed from the security concept in line 121 and should get protected to only the hosts/ips that really need access to it (for example to change line 103 from Require all granted to Require ip ...).
But a recommendation is not possible without knowing what you want to achieve.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11935
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64
Top

Re: XAMPP directory not accessible over local network

Postby steve_t » 24. December 2014 07:44

Thank you gsmith and Altrea for the replies. Your time and knowledge are greatly appreciated. I hope to reply with some "stuff" in the next 24hr.

Regards,

Steve
steve_t
 
Posts: 15
Joined: 18. December 2014 04:28
XAMPP version: 5.6.24
Operating System: Windows Vista/7/8.1/10
Top

Re: XAMPP directory not accessible over local network

Postby steve_t » 25. December 2014 08:16

Hello,

The purpose is to set up a home/work local network where phpBB styles can be developed from any computer on the local network. XAMPP is installed on one of the computers on the local network. This computer is called the XAMPP host computer. (The XAMPP host computer, of course, is assigned a private IP address by gateway/router and is Intranet facing, not Internet facing.) Then phpBB QuickInstall is installed on the XAMPP host computer. Then phpBB board software is copied to, and phpBB boards are created on, the XAMPP host computer. This was the easy part. The difficult part was learning how to properly secure the XAMPP installation on the XAMPP host computer.

Initially, I never tried connecting to the XAMPP host computer from one of the local network computers. In other words, initially, I was completely unaware of the New XAMPP Security Concept authorization policy, which is perfectly understandable, especially because the XAMPP Web interface does not mention the New XAMPP Security Concept authorization policy. This is worth repeating. the XAMPP Web interface does not mention the New XAMPP Security Concept authorization policy.

Unaware of the New XAMPP Security Concept authorization policy, it appears that the proper way to secure the XAMPP installation on the XAMPP host computer is to fill out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form. When I tried to access the XAMPP directory on localhost after filling out the "Security console MySQL & XAMPP directory protection" form, you cannot imagine the disappointment when I was granted unauthenticated access to the XAMPP directory on localhost.

So, I started looking for a way to fix the unauthenticated access to the XAMPP directory on localhost. This lead to commenting out the Require local line 122 in httpd-xampp.conf. Or to put it another way, at this point, still unaware of the New XAMPP Security Concept authorization policy, and still thinking the proper way to secure the XAMPP installation on the XAMPP host computer was to fill out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form, I could not believe that, by default, authentication to the XAMPP directory on localhost was seemingly disabled by the Require local line 122 in httpd-xampp.conf. This is the origin of the post (since deleted) asking if the "fix" for the unauthorized access to the XAMPP directory on localhost "issue" was to comment out the Require local line 122 in httpd-xampp.conf.

Thanks to replies from gsmith and Altrea, I finally figured (or so I now think) how XAMPP intends to secure the XAMPP installation on the XAMPP host computer. To possibly help others, the following suggestions are offered in return:

1.) Before the user fills out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form, the user needs to be informed; 1.) of the existence of the New XAMPP Security Concept authorization policy, 2.) that the New XAMPP Security Concept authorization policy is designed to deny access to the XAMPP directory to all computers except the localhost, and 3.) that all networked XAMPP host computers must fill out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form as a defense in depth measure in case the New XAMPP Security Concept authorization policy is defeated/hacked.

To me, not mentioning the New XAMPP Security Concept authorization policy (or whatever you would like to call it) anywhere in the XAMPP Web interface is not only a disservice to users, but makes XAMPP look less secure that it is, by default. In other words, to me, this is a must change.

2.) An optional change. After the user fills out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form, access to all components of the XAMPP directory by localhost should require authentication. Yes, it is understood that if an attacker is sitting at the XAMPP host computer then the security is already defeated. But, I do not care. And I especially do not like exceptions. Exceptions quickly become too difficult to remember. Plus, after the user fills out the XAMPP Web interface "Security console MySQL & XAMPP directory protection" form, access to phpMyAdmin by localhost requires authentication. So, why should access to the XAMPP directory by localhost be any different? And let's not forget, the XAMPP directory is pretty much set and forget; meaning, localhost should not have to access the XAMPP directory very often, which means removing the localhost exception is not that big of an inconvenience. And lastly, when authentication is not applied to localhost, I immediately wonder if it is being applied to remote computers, which creates unnecessary suspicion. Not good.

3.) Some of the text in the "Access Forbidden: New XAMPP Security Concept: Error 403" message comes from XAMPP_FORBIDDEN.html.var. This text reads:
Access to the requested directory is only available from the local network.
In the past "local network" might have been correct. Currently "local network" is incorrect. This probably should be changed to:
Access to the requested directory is only available from the local computer.

Thanks again gsmith and Altrea for the direction.

Regards,

Steve
steve_t
 
Posts: 15
Joined: 18. December 2014 04:28
XAMPP version: 5.6.24
Operating System: Windows Vista/7/8.1/10
Top
Post a reply

Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 127 guests

Powered by Bitnami phpBB
Privacy Policy