Of course, Altrea is correct. XAMPP is definitely NOT for production environments.
I use it for development and my Linux box is at my office. I often work on it from home, or when I am away on work but have some free time. For me, I don't care who knows I use XAMPP as I have (I think) secured things well enough. That does not mean I advertise the fact either.
Two things that should be done are to turn off server signatures, and remove the /opt/lampp/htdocs/xampp folder (and any aliases or symlinks to it).
As for removing that basic authentication request, I have to say 'you should not be running a server connected to the internet if you cannot figure that out'.
HInt: you should look in the /opt/lampp/htdocs/xampp folder - or - Google ".htaccess"
I think my last statement here and your response to my question totally validates Altrea's (and the XAMPP developers) point. XAMPP is NOT for production environments,
There is nothing I can do to prevent you from being reckless, and it is your machine and your efforts that are on it. I would say "be sure to back up frequently". It would also be a good idea to invest the time to actually learn the technology you want to use.