How to Secure XAMPP Server (version older than 5.5) in your Production environment

| By Webner

In the older versions of XAMPP (below 5.5), there are a couple of security vulnerabilities. If you are running XAMPP in your production environment and don’t want to upgrade/install the higher version, then make sure you do few changes in your existing XAMPP security using following steps in your XAMPP configuration files:

The XAMPP configuration file location in different platforms:

In Windows: C:\xampp\apache\conf\extra\httpd-xampp.conf
In Linux: /opt/lampp/etc/extra/httpd-xampp.conf
In OS X: /Applications/XAMPP/etc/extra/httpd-xampp.conf

Put following directives to above mentioned file:

Alias /phpmyadmin “/xampp/phpMyAdmin/”
<Directory “/xampp/phpMyAdmin”>
AllowOverride AuthConfig
Require all granted ## (remove this line if it’s there)
Require local ## (add this line)
Require ip ## (add this line if you one specific ip to access phpmyadmin url)
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var ## (add this line)

Leave a Reply

Your email address will not be published. Required fields are marked *