More Security?

Problems with the Linux version of XAMPP, questions, comments, and anything related.

More Security?

Postby lastinger » 07. July 2005 02:54

I've been reading alot about xampp on the web and have heard great things about it's ease of use and install. My one concern is that in every review it's mentioned that xampp is only for development and not for production enviornment. My question is, after I implement the script for security, what more can be done to make xampp more secure? What would it take to make xampp secure enough for a production enviornment. I'm new to linux and xampp for that matter, but I have some experience with web servers of a brand I won't mention here :(
lastinger
 
Posts: 2
Joined: 07. July 2005 02:29

Postby Kristian Marcroft » 07. July 2005 09:12

Hi,

try recompinling a "XAMPP" with only the options you need.
The "unsecure" thing with XAMPP is that it contains alot of Software that is not always up to date.

Sure Apache/MySQL/PHP etc is but the rest not.
Do you need the rest? What happens, if there is a securoty problem with another Software thats included in XAMPP and though this an attacker gains root privs on your machine?

The is no way to secure XAMPP really. Only by doing it all by hand and keeping everything up to date.

So long
KriS
User avatar
Kristian Marcroft
AF Moderator
 
Posts: 2962
Joined: 03. January 2003 12:08
Location: Diedorf

Postby lastinger » 07. July 2005 12:22

Is there a simple, safe, and/or easy way to remove everything but Apache/MySQL/PHP, since I really only need those anyway. Or is disabling them in httpd.conf enough?
lastinger
 
Posts: 2
Joined: 07. July 2005 02:29

Postby Kristian Marcroft » 07. July 2005 12:49

hi,

no there isn't, since most of it is hardlinked in PHP.

So long
KriS
User avatar
Kristian Marcroft
AF Moderator
 
Posts: 2962
Joined: 03. January 2003 12:08
Location: Diedorf


Return to XAMPP for Linux

Who is online

Users browsing this forum: No registered users and 10 guests

cron