How would i be able to secure my XAMPP?

what are the settings i need to configure for httpd.conf, php.ini, ssl.conf,.. and other configurations file in the /opt/lamp/etc directory to secure my xampp server.

what are the insecurities of the xampp server? how would i be able to lessen its insecurity.

im also thingking of using drupal as my CMS. any notes on this, on how to setup drupal in XAMPP server? how about the security of the cms, any configuration to alter both for drupal and xampp settings?

this is my server setup:

i have a dyndns account that is configure to forward incoming web request to my public IP address (my public ip add is static).

this is forwarded in my linux router (firewall)... which has settings for DMZ. xampp server is the only server that can be access outside.


thanks & regards,
repolona

You want to secure it? Delete the whole thing.


Seriously, the more services you add the more insecure your machine will be, but I assume you want to use xampp and deleting it isn't such a good option, so spend a few minutes with google do some work and then ask specific questions on what you are stuck with, I didn't know what on earth xampp was, so spent < 30 seconds on google, found this page http://www.apachefriends.org/en/xampp.html which has a snippet of information on how you can start better securing xampp.

Furthermore we don't know what your requirements are, we could tell you to such, and such and such a thing but then that may disable a feature you want, for example disabling php or mod_perl

>You want to secure it? Delete the whole thing.
--> i got a firewall, to secure all open ports inside my network. port 80 is the only port accessible outside (internet). My question is specifically for XAMPP server insecurities, how to lessen its insecurities. Im running Apache with PHP module and MySQL server.

>Seriously, the more services you add the more insecure
>your machine will be,but I assume you want to use xampp
--> i know that, thats why im asking specific configurations for my web server (xampp), Apache, PHP and MySQL.

>and deleting it isn't such a good option,so spend a few >minutes with google do some work and then ask specific >questions on what you are stuck with,I didn't know what >on earth xampp was,so spent 30 seconds on google, found >this page >which has a snippet of information on how you can start >better securing xampp.

--> have you visited the site? documents and FAQ are all german. thats why im askin this questions on people who have use XAMPP and who has experience using it.


>Furthermore we don't know what your requirements are, >we could tell you to such, and such and such a thing >but then that may disable a feature you want, for >example disabling php or mod_perl

--> XAMPP includes Linux, Apache, PHP and MySQL... ill be using php for dynamic pages. i dont want to disable it.

-- just want to ask, have you ever setup a real linux box? or do you have any major projects which is based on LAMP technlogies which focuses on securities. could you give me any major site that have you work on? coz im doubt you could help me on this..

Hi.. I too am using XAMPP.. and would like to set drupal.. all I can do so far is /opt/lampp/lampp start like it explains in the help for XAMPP..

I haven't been able to get DRUPAL up too..

Thanks !

Perhaps it would be helpful to check out the english version then. Once again, google is your friend.


...and yes, i run xampp/lampp

start off by running the /opt/lampp/lampp security command to set up passwords if you haven't already.