Apache Friends Support Forum

After manually installing and configuring LAMP for years I finally "discovered" XAMPP very recently. Very, very good!

In reading through the docs and FAQ's as well as these forums I noticed where someone stated that XAMPP should NOT be implemented in a "Live Production" environment. Of course, development is usually configured slightly different than production for security (ease of access) reasons, but can anyone here please explain whether or not XAMPP could/should be deployed on a production system? After all, the components of XAMPP are identical to what is needed when the developed code is placed into production.

Any advise, opinions and considerations will be greatly appeciated. I am axious to see what other have to say about this issue.

Thanks,

Bob

Don't know why I didn't find this BEFORE my post and I am referring to: http://community.apachefriends.org/f/viewtopi ... production

One responder states that apache2 and php5 are NOT secure. Well, we've been running apache2 in production on multiple machines for a commercial banking product for many years (3+) with pretty good security. We do monitor access and things but we are generally very please with AP2. As far as php5 goes, the jury is still out yet.

I would still appreciate newer opinions from team members and/or other users/developers who may use XAMPP.

Thanks,

Bob

Gmail is in beta. Google Maps is in beta. Microsoft has a hundred web pages in beta.

That's the cool thing to say nowadays - to claim your software is not production ready. XAMPP is used exclusively on our intranet system, and it's a charm. I'm sure there are plenty of reasons why not to use XAMPP, but by the same token, there are reasons not to use Apache, PHP, IIS, Windows, MySQL, PostGres, MSSQL, etc.

Make sure you have run the security program. Turn off network access to MySQL. Make your passwords strong. Make sure you delete unecessary tools, like maybe the entire /xampp folder. Get rid of phpsqliteadmin if you don't use it. Block off WAN access to phpMyAdmin. You'll be fine.

(This post is beta quality. Use this advice at your own risk)