Installing ApacheFriends XAMPP Server...!!

According to my experieced, if you want to install ApacheFriends XAMPP in Windows flatform as your dinamyc webserver, mainly there are two way :
1. Installation from exe file.
2. Installation from tar.gz or zip file.

In case of installation from exe file, download and unzip the 7-zip or zip archives (exe file) into the folder of your choice. Install (cliking setup) into your highest directory, then follow the instruction of installation process. The other way is installation from tar.gz or zip file, unpack the file then place in your highest directory; ussualy is C:\xampp.

ApacheFriends XAMPP
XAMPP 1.6.2 Instalation.

I am using ApacheFriends XAMPP (basic package) version 1.5.4a and XAMPP win-32 162 installer; which mainly compose of :

+ Apache 2.2.3
+ MySQL 5.0.24a
+ PHP 5.1.6 + PHP 4.4.4 + PEAR
+ PHP-Switch win32 1.0 (von Apachefriends, man nehme die "php-switch.bat")
+ XAMPP Control Version 2.3 from
+ XAMPP Security 1.0
+ SQLite 2.8.15
+ OpenSSL 0.9.8d
+ phpMyAdmin
+ ADOdb 4.91
+ Mercury Mail Transport System v4.01b
+ FileZilla FTP Server 0.9.18
+ Webalizer 2.01-10
+ Zend Optimizer 3.0.1
+ eAccelerator0.9.5 RC1 for PHP 5.1.6 (unused, modify the php.ini)

After your installation is complete, please go inside to XAMPP directory then find out "XAMPP Control Panel for Windows" enter then you will see XAMPP Control Panel. Click apache start for running the http server then clik mysql start for running mysql database server. If you wish to get automatic forever services, please check the SVC respectively.

XAMPP Control Panel.

And now your http server and database server already running and ready for use. The http root directory is "htdocs", and the database directory for your data is "mysql/data". You need to configure php/php.ini file conform to your needed; for example is mailing addess; and SMTP, ect. Browse the server from localhost : http://localhost or, then you will face to XAMPP page, you can check the php.ini configuration from php info. The http port is 80 and the datacase port is 3306 (by default). You have to place your web file or directory in the http root directory "htdocs".

About the security, the following information is from ApacheFriends :

"A matter of security (A MUST READ!) : As mentioned before, XAMPP is not meant for production use but only for developers in a development environment. The way XAMPP is configured is to be open as possible and allowing the developer anything he/she wants. For development environments this is great but in a production environment it could be fatal. Here a list of missing security in XAMPP: The MySQL administrator (root) has no password. The MySQL daemon is accessible via network. phpMyAdmin is accessible via network. Examples are accessible via network. To fix most of the security weaknesses simply call the following URL: http://localhost/security/ The root password for MySQL + phpMyAdmin and also a XAMPP directory protection can being established here."

XAMPP Security.

According to my experienced, some production server are using ApacheFriends XAMPP; and they have forgoten about the password for database user "pma" and " " with the test database. You will knowing this by accessing the addres with MySQL Administrator installation. It could be interesting item for the hacker. If you have'made password for XAMPP directory; you may to move index file for accesing this directory from the http root, if not the password will asking in http browsing.

phpMyAdmin for managing the MySQL database.

No comments: