"New Xampp Security Concept" also blocking local computers

Problems with the Linux version of XAMPP, questions, comments, and anything related.

"New Xampp Security Concept" also blocking local computers

Postby helo478 » 21. December 2014 01:22

My expectation is that, when the new Xampp security concept is activated (restricting access to the http server and other services to devices on the local network), that it allow devices on the local network access, while blocking WAN devices.

Actually, when the feature is activated, it prevents any device, local or otherwise, from accessing the xampp server.

This may appear to be a duplicate of similar posts, but there is an important distinction:

The solution that was given in similar posts was to turn off the security feature. However, I want that security feature active. I want access to be restricted to the local network. How do I fix the security feature (so that it allows access to local network devices, but not external devices) without turning it off?
helo478
 
Posts: 2
Joined: 21. December 2014 01:13
Operating System: Debian Linux

Re: "New Xampp Security Concept" also blocking local compute

Postby Nobbie » 21. December 2014 12:55

helo478 wrote:However, I want that security feature active. I want access to be restricted to the local network. How do I fix the security feature (so that it allows access to local network devices, but not external devices) without turning it off?


The TCPIP ipv4 convention about local network results in certain private IP ranges, which are:

192.168.0.0/16 (192.168.*.*)
172.16.0.0/12 (from 172.16.*.* to 172.31.*.*)
10.0.0.0/8 (10.*.*.*)

So instead of only looking for "IP is 127.0.0.1 or not 127.0.0.1" you have to differ between "IP is in the range of one the above ranges or Not". Depending on your Apache Version, you either have to adapt the appropriate "Allow From ...." clause (or "Deny ....") or instead the "Require IP ..." Clause.

See http://httpd.apache.org/docs/2.2/howto/access.html
and http://httpd.apache.org/docs/trunk/mod/ ... _host.html

for full documentation and examples.
Nobbie
 
Posts: 8762
Joined: 09. March 2008 13:04

Re: "New Xampp Security Concept" also blocking local compute

Postby helo478 » 28. December 2014 07:39

I am confused by your response, but I think I may know why. Are you saying that "local" in the way that it is being used in this context is different from the way that I am using the word "local". I am using it to mean my local area network. Are you saying that, in this context, it is only referring to localhost 127.0.0.1 ?
helo478
 
Posts: 2
Joined: 21. December 2014 01:13
Operating System: Debian Linux

Re: "New Xampp Security Concept" also blocking local compute

Postby Nobbie » 28. December 2014 15:26

helo478 wrote:Are you saying that "local" in the way that it is being used in this context is different from the way that I am using the word "local".


No.

helo478 wrote:I am using it to mean my local area network.


As i did.

helo478 wrote:Are you saying that, in this context, it is only referring to localhost 127.0.0.1 ?


No. Only "localhost" refers to 127.0.0.1

Seems, you are confusing yourself. You pointed out, that "local" clients are blocked by Xampp Security Concept. That is exactly what happens, because only "localhost" is allowed to access Xampp Admin Pages (that is how it is "out of the box"). If you want to change this, you have to change the "Allow From ..." (or "Require ...") clause in httpd-xampp.conf. But I assume, that you DONT WANT to grant access for ALL IPs (= everyone in the world). Therefore i explained how to determine via the clients IP, if it is coming from local network or from word wide internet. Dont know, why you are confused?!
Nobbie
 
Posts: 8762
Joined: 09. March 2008 13:04

Re: "New Xampp Security Concept" also blocking local compute

Postby larryhyman » 22. April 2015 03:30

I had the same situation but was able to fix it like this:

Edit this file:

/opt/lampp/etc/extra/httpd-xampp.conf

Go to the bottom of the file and change it to match your LAN IP range:

Code: Select all
# New XAMPP security concept

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
        Require ip 192.168.2
   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
larryhyman
 
Posts: 1
Joined: 09. June 2007 15:31
Location: Montreal


Return to XAMPP for Linux

Who is online

Users browsing this forum: No registered users and 8 guests