xampp 1.8.2-4 security issues

Problems with the Linux version of XAMPP, questions, comments, and anything related.

xampp 1.8.2-4 security issues

Postby shailendra mudgal » 20. March 2014 16:09

Hi Everyone,

I have installed 1.8.2-4 version of xampp on a linux machine running on AWS infrastructure.
Since it is a remote instance, I modified /opt/lampp/etc/extra/httpd-xampp.conf and replaced #Require local with Require all granted. And after that i could access xampp.

I also executed sudo /opt/lampp/xampp security and changed the passwords.

Now from here my doubts start.

1. I am able to see the xampp page directly without it prompting me for the password. Is it not a security concern. anybody can access my xampp installation...
2. When i try to access phpmyadmin, it says:
---------------------------------------------------------------------------------------------------------------------------------------
Welcome to phpMyAdmin


Error
MySQL said: Documentation

#1045 - Access denied for user 'root'@'localhost' (using password: NO)
phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server.
Retry to connect
---------------------------------------------------------------------------------------------------------------------------------------
when i searched for this error i found people suggesting adding password in /opt/lampp/phpmyadmin/config.inc.php
under $cfg['Servers'][$i]['password'] = ''

I tried adding my password there and it worked fine. But now i have more serious doubt that now anyone can access my phpmyadmin and play with it.

I am extremely sorry for asking very novice question. But i am unable to understand the security concept of xampp.

Thanks a lot in advance.
Shailendra..
shailendra mudgal
 
Posts: 1
Joined: 20. March 2014 14:58
Operating System: Linux

Return to XAMPP for Linux

Who is online

Users browsing this forum: No registered users and 25 guests

cron