Additional security for xampp test server

January 15th, 2006 in Xampp WebServer and topic/s , . Comments Off on Additional security for xampp test server

You may recall in a previous post I discussed securing your xampp test server so that xampp could be run as a windows service, and not be accessible to the outside world. When you’re running a test server this is a significant security breach, and would also allow others to see your test sites before they are complete.

I was satisfied that my webserver was now secure but I didn’t reckon on SSL. Thankfully I received a private message from another xampp user who told me I need to also ensure that port 443 is closed to outside traffic. SSL means ‘secure sockets layer’ and is the extra security applied by your browser to a webpage. You know your browser is using SSL when the address bar says, as compared to the more usual

Xampp ships with SSL because it can actually be used as a production webserver if needed, but to peple like me who only want to test my themes on serendipity blog I don’t need these extra facilities. Sometimes I wish a dedicated plain old test server could be packaged up by someone, but until then Xampp is the best.

Now, to secure our test server from outside interference on port 443 we need to bind apache to our local IP ( on port 443. This time we’re going to open ‘c:\program files\xampp\apache\conf\extra\httpd-ssl.conf’ in wordpad, and once again you will find the listen directive close to the top of the page. Insert this line,


Your test server should now include the additional security needed, but you will need to restart xampp for the changes to be applied.

Manage your Xampp sub-folders

January 9th, 2006 in Xampp WebServer and topic/s . Comments Off on Manage your Xampp sub-folders

Xampp is the most useful piece of software I have on my computer, allowing me to test my websites and themes without having to be connected to the ‘net.

Once you start working with more than one website however, you have to create extra sub-folders, which is fine, but then accessing the folders from your browser either means bookmarking your sites or typing the sub-folder name into the browser address bar.

Call me lazy, but I don’t want to use bookmarks or type a folder name into my address bar. I decided I just wanted to have http://localhost configured as my browser homepage, and I wanted to simply replace the default xampp page with a new page that simply lists the important links like phpMyAdmin, and all my sub-folders. Worked lke a charm, except I still need to edit the links to add new sub-folders.

Now as fate would have it, I’m trying learn a little php so I can be more knowledgeable when talking to other s9y users in the forums. And to cut a long story short, my search for php tutorials led me to a short script that automatically searches my web folder for new sub-folders, then creates the links without any intervention from me. Read More »

Securing Your Xampp Test Server

December 15th, 2005 in Xampp WebServer and topic/s . Comments Off on Securing Your Xampp Test Server

One of the issues I grappled with was how to keep my test server running as a Windows service, yet also make sure that nobody else over the Net could access my test server. I figured this would be a security breach that might allow someone to hack into my computer.

For those of you who wonder whether this article applies to you, I am using Windows XP Home, and because this version of Windows doesn’t come with a webserver, I downloaded and installed the Windows version of Xampp. I am also using the standard firewall that comes with Windows. Read More »