Apache Friends Support Forum


https://community.apachefriends.org/f/

Guide to securing XAMPP in windows?

https://community.apachefriends.org/f/viewtopic.php?f=16&t=73968

Page 1 of 1

Guide to securing XAMPP in windows?

PostPosted: 13. May 2016 00:36
by matteusbeus
Hi,
I'm looking for a guide to help secure my dev environment on windows. I gather the security pages have been removed which makes this a tad harder to do!

Re: Guide to securing XAMPP in windows?

PostPosted: 13. May 2016 01:43
by Altrea
Hi,

secure up against what?

best wishes,
Altrea

Re: Guide to securing XAMPP in windows?

PostPosted: 13. May 2016 09:39
by matteusbeus
I'd like it to be only accessible on the local machine. However from posts I've read else where I gather this isn't 100% possible?

Re: Guide to securing XAMPP in windows?

PostPosted: 13. May 2016 14:25
by Altrea
Sure, that is pretty easy.

Open your \xampp\apache\conf\httpd.conf (plain text editor) and search for the line
Code: Select all
Listen 80


Change the line to listen only on the loopback address 127.0.0.1
Code: Select all
Listen 127.0.0.1:80


same thing for the SSL port 443 in \xampp\apache\conf\extra\httpd-ssl.conf

restart Apache.
Now Apache is only requestable from the very own computer, not from LAN, not from WAN.
All times are UTC + 1 hour
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/