FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Does Apache/XAMPP result in security vulnerabilty?





boinsterman
I just installed XAMPP for Windows XP, Service Pack 3 (Apache and MySQL) with no major problems (except for logging out of phpAdmin, which I discuss in another thread). The installation gave no problems--I just followed the prompts.

Do Apache and MySQL in XAMPP result in security vulnerabilty? Windows Firewall requires exceptions for Apache (ports 80 and 443) and for MySQL (port 3306). I just turned off exceptions and a phpinfo() test page worked fine, and I got no error messages in XAMPP. It was my understanding that Apache would not start with firewall exceptions turned off.

I've already registered with the XAMPP forum, but I wondered about other Frihost users' experience with it.
Peterssidan
I think you only need to add firewall exceptions if you want that other computers should be able to access your web server.
zacky
boinsterman wrote:
I just installed XAMPP for Windows XP, Service Pack 3 (Apache and MySQL) with no major problems (except for logging out of phpAdmin, which I discuss in another thread). The installation gave no problems--I just followed the prompts.

Do Apache and MySQL in XAMPP result in security vulnerabilty? Windows Firewall requires exceptions for Apache (ports 80 and 443) and for MySQL (port 3306). I just turned off exceptions and a phpinfo() test page worked fine, and I got no error messages in XAMPP. It was my understanding that Apache would not start with firewall exceptions turned off.

I've already registered with the XAMPP forum, but I wondered about other Frihost users' experience with it.


To answer the question, yes they do. There numerous and countless reports about security issues in XAMPP and that is why in most Production environment I engaged, it still preferably to install them separately so you have the default config which means worry-free on add ons on the configurations.

Though i never tried to deploy PHP, MySQL and Apache in windows, most of what i heard is they used WAMP instead of XAMPP.
boinsterman
It was installed as a production environment, not intended to connect w/ other computers. This way, I can get work done even when Frihost or my Internet provider's server are down. I can also edit and save the documents more easily that way (from Programmer's Notepad) for testing purposes, a procedure I found time-consuming (discussed in other threads).
zimmer
i used it on my Joomla development and i found it perfect Although it is very hard to install sometimes due to conflicts of ports but it works perfect over all.

Very Happy
codersfriend
I think security depends on how you've configured your XAMPP
Marcuzzo
There's a security page when you first load XAMPP in your browser.
it will tell you to password protect the directories and to make sure that a password is set for the XAMPP pages and for mySQL.

I've only used a few times on my laptop when creating websites so I can make quick changes to a website without actually working on the production site.

If I had to set up a production ( personal or not ) server I'd still go for a debian machine with apache, MySQL and PHP installed.
cabenqc
preset XAMPP is for development.
It's no good to use that for Internet access, IMHO.
Of course, it is a quick and dirty way to set up a Internet website.

Use XAMPP for development, testing, Intranet (depends), Internet (nothing special and don't care about security), I think that's fine.

Otherwise, better select other suggestions from this post.
codegeek
I use WAMP on my Windows 8 machine. What kind of vulnerabilities are we talking about? And what is the way to prevent these vulnerabilities?
Related topics
Reply to topic    Frihost Forum Index -> Computers -> Operating Systems

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.