XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl.
Questions tagged [xampp]
17 questions
12
votes
4 answers
Is redirecting in htaccess providing enough security for sensitive pages?
I made files with MySQL database login details. Using .htaccess, I redirect every user from /Config/config.php to /index.php. I am wondering whatever this is secure enough - this means whatever is enough to stop users from viewing…
vakus
- 3,743
- 3
- 20
- 32
7
votes
3 answers
How to generate self-signed EV SSL Certificate?
I configured XAMPP / Windows on my laptop so that this URL:
https://www.supersite.com/
points to XAMPP / localhost rather look elsewhere.
I basically generated a self-signing certificate, imported it into Windows and changed Windows hosts file.
It…
TheDude
- 183
- 1
- 1
- 5
3
votes
5 answers
How can I test that I have correctly disabled unnecessary HTTP methods?
I am making a web-based application and I disabled some of the HTTP methods which are not necessary for the website (specifically, OPTIONS, HEAD and TRACE).
I put this in the httpd.conf of my xampp to test whether this works:
RewriteEngine…
Vainglory07
- 139
- 1
- 1
- 4
2
votes
2 answers
Don't allow access to phpmyadmin page over the network? XAMPP Windows
Is it possible to block access to phpmyadmin page over the network in XAMMP Windows? I want only localhost(127.0.0.1) to be able to access the page. Other people connected to the same network shouldn't be able to access it. Eg. if 192.168.1.2 tries…
ysj
- 419
- 2
- 7
- 14
2
votes
1 answer
Is it safe to install Xampp to learn Security and Penetration testing using DVWA?
I have heard Xampp is not safe and has a lot of security loopholes. What steps need to be taken to close the loopholes? Is it better if I use a VM instead?
I new to Security Testing and want to learn using DVWA. Kindly provide some feedback...
Rishikesh
- 123
- 5
2
votes
1 answer
How secure IIS run together with XAMPP?
I'm using IIS for web server & run phpMyAdmin via IIS.
But now, I saw someone use IIS and XAMPP. There is something I wanted to know.
Usually they set : XAMPP to localhost:81 or localhost:whatever
Something that I wanted to know is the phpMyAdmin…
Zinc
- 73
- 5
2
votes
1 answer
XAMPP/Chrome net::ERR_CERT_INVALID on VALID Certificate Chain
I have set up my own Root CA and Intermediate CAs for my local sites (virtual sites). I also have installed them to trusted certificates in my computer and also the intermediate CAs on their own folder in the cert market of my computer.
However,…
Jimwel Anobong
- 121
- 4
2
votes
2 answers
Risks of exposing .htaccess file
I have an Apache server on Windows 7 using XAMPP running php in cgi mode. One of the users can modify the .htaccess file to restrict the access to the webpage for some ip addresses and configure other settings. He cannot view the source of the php…
Hawkings
- 135
- 5
1
vote
0 answers
Make Apache server only to be avaliable for personal use?
I'm afraid if I have Apache active that someone can hack into my computer so everytime I had Apache active I went offline (I also installed XAMPP on USB stick because of that fear).
How can I make Apache server to be avaliable only to me for PHP…
atho
- 11
- 1
1
vote
1 answer
Snort - Rule: Alert all php requests
I am trying to understand writing rules for snort. Further goal is detection of sql injections like here.
I've read the documentation of snort rules and created this rule:
alert tcp any any -> any 80 (msg:"SQL Injection - Paranoid"; content:".php";…
Jan
- 111
- 3
1
vote
1 answer
How to find out if content on my XAMPP server has been altered
During the development of a site, me and the team decided to develop the site with my computer as a server, with me making my localhost available from outside. I have been using several settings to try protecting the site while in development, for…
user3026192
- 11
- 1
1
vote
2 answers
If Xampp is not secure enough for a production environment what should I use?
I am not even sure if this is the right place to ask this but here goes:
I am thinking of running my own small website from a home server. I have been using Ubuntu 12.04 with xampp as my server machine but from what I hear Xampp isn't secure enough…
Suavelizard
- 11
- 1
- 3
1
vote
0 answers
Attacking XAMPP Server with Burp Suite. How do I find victim's IP Address?
I am doing an online course on web penetration testing where the instructor tells us to install Kali Linux on one virtual machine (the attacker), and any other OS (I chose Manjaro Linux) on another virtual machine as the victim machine.
We install…
mdemont
- 11
- 2
0
votes
1 answer
SQLMAP Redirect using xampp
I am learning SQLi using sqlmap and xampp.
I set up my lab the same way as per tutorial but when I run
sqlmap.py -u "http://localhost/bwapp/sqli_1.php?title=1*"
the error got 302 redirected to
http://localhost:80/bwapp/login.php
and when I…
0
votes
2 answers
Installing xampp on virtual box?
I started learning PHP and I wanted to practice PHP code using xampp or wamp server. But after reading this and doing some google research,I thought that installing server software on my home pc might be dangerous. I thought it would be better to …
negil20
- 3
- 2