For Windows UsersThe newly released version: XAMPP 1.7.4, including:
- Apache 2.2.17
- MySQL 5.5.8
- PHP 5.3.5
- phpMyAdmin 3.3.9
- FileZilla FTP Server 0.9.37
- Tomcat 7.0.3 (with mod_proxy_ajp as connector)
We do not have implemented the Tomcat in our Control Panel yet, so please use the batch scripts for start and stop:
xampp/catalina_start.bat
xampp/catalina_stop.bat
xampp/catalina_start.bat
xampp/catalina_stop.bat
For all "newcomers": You only need the XAMPP basis package. "Add-On" packages are optional.
Download older versions of XAMPP (even the "old" WAMPP) directly from 
SourceForge.
SourceForge. 
Method A: Installation with the Installer
Using the installer version is the easiest way to install XAMPP.
After the installation is complete, you will find XAMPP under Start | Programs | XAMPP. You can use the XAMPP Control Panel to start/stop all server and also install/uninstall services.
The XAMPP control panel for start/stop Apache, MySQL, FilaZilla & Mercury or install these server as services.
The XAMPP security console
As mentioned at another place, XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.
at another place, XAMPP is not meant for production use but only for developers in a development environment. XAMPP is configured is to be as open as possible and to allow the web developer anything he/she wants. For development environments this is great but in a production environment it could be fatal. Here a list of missing security in XAMPP:
- The MySQL administrator (root) has no password.
- The MySQL daemon is accessible via network.
- phpMyAdmin is accessible via network.
- The XAMPP demopage is accessible via network.
- The default users of Mercury and FileZilla are known.
All points can be a huge security risk. Especially if XAMPP is accessible via network and people outside your LAN. It can also help to use a firewall or a (NAT-) router. In case of a router or firewall, your pc is normally not accessible via network. It is up to you to fix these problems. As a small help there is the "XAMPP Security console".
Please secure XAMPP before publishing anything online. A firewall or an external router are only sufficient for low levels of security. For slightly more security, you can run the "XAMPP Security console" and assign passwords.
If you want have your XAMPP accessible from the internet, you should go to the following URI which can fix some problems:
http://localhost/security/
http://localhost/security/ With the security console you can set a password for the MySQL user "root" and phpMyAdmin. You can also enable a authentication for the XAMPP demopages.
This web based tool does not fix any additional security issues! Especially the FileZilla FTP server and the Mercury mail server you must secure yourself. If you don't need these servers, don't start them. A server which is not started, is very secure!
0 comments:
Post a Comment