Apache Friends Support Forum


https://community.apachefriends.org/f/

Securing XAMPP

https://community.apachefriends.org/f/viewtopic.php?f=16&t=76217

Page 1 of 1

Securing XAMPP

PostPosted: 04. October 2017 15:19
by mbennion
I completely understand that XAMPP is meant for testing/development. However I'm a research student and need to run my server on the internet in order to test it with users.

I've recently had a host of anti-sec bots searching my server for exploits and I'd really like to tighten XAMPP up as much as possible.

Does anyone have any advice? (other than not using XAMPP)

Re: Securing XAMPP

PostPosted: 04. October 2017 16:45
by two_socks
I think with hardening Xampp you mean hardening the services you are going to use (Apache, Mysql, etc...)
I'm not sure, but if you simply improve the service's configuration file (adding proper rules) and the server machine (i.e. firewall, kernel etc...) you should reach your target.

Re: Securing XAMPP

PostPosted: 04. October 2017 18:01
by Nobbie
mbennion wrote:I completely understand that XAMPP is meant for testing/development.


Yes, but for local development only. Xampp is not meant for running online.

Re: Securing XAMPP

PostPosted: 04. October 2017 18:16
by Altrea
I'd say "do not use XAMPP". Don't install a security hole and try to close it down; instead, start with nothing and gradually install & open up what's needed. Apache, MySQL, PHP all have standalone Windows builds. – grawity Feb 2 '15 at 13:26

So true.

Reference: https://superuser.com/questions/872643/ ... 893_872643
All times are UTC + 1 hour
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/