Friday, 18 November 2011
Securing LAMPP/XAMPP Installation
LAMPP by default leaves everything open and insecure allowing the possible intrusion to the system. In this post, I will show how you can secure yourself from the possible intrusions if you are using XAMPP and you are in the network. I am using LAMPP, the linux version of XAMPP to demonstrate the steps.
First lets run the security module of LAMPP to impose security in the LAMPP. To fix the security holes, type:
Now you will be asked with series of passwords if they are open to the intrusion. Check the following session of how I set the passwords for different daemons/services.
I hope this helps to fix the security issues quickly. However, there are other several issues that could be fixed to attain maximum level of security.
EDIT: Check this link for more detailed information than mine.
First lets run the security module of LAMPP to impose security in the LAMPP. To fix the security holes, type:
sudo /opt/lampp/lampp security
Now you will be asked with series of passwords if they are open to the intrusion. Check the following session of how I set the passwords for different daemons/services.
samar@Techgaun:~$ sudo /opt/lampp/lampp security
XAMPP: Quick security check...
XAMPP: Your XAMPP pages are NOT secured by a password.
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Password protection active. Please use 'lampp' as user name!
XAMPP: The MySQL/phpMyAdmin user pma has no password set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL pma password.
XAMPP: Setting phpMyAdmin's pma password to the new one.
XAMPP: MySQL has no root passwort set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Write the password somewhere down to make sure you won't forget it!!!
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL root password.
XAMPP: Change phpMyAdmin's authentication method.
XAMPP: The FTP password for user 'nobody' is still set to 'lampp'.
XAMPP: Do you want to change the password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Reload ProFTPD...
XAMPP: Done.
XAMPP: Quick security check...
XAMPP: Your XAMPP pages are NOT secured by a password.
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Password protection active. Please use 'lampp' as user name!
XAMPP: The MySQL/phpMyAdmin user pma has no password set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL pma password.
XAMPP: Setting phpMyAdmin's pma password to the new one.
XAMPP: MySQL has no root passwort set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Write the password somewhere down to make sure you won't forget it!!!
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL root password.
XAMPP: Change phpMyAdmin's authentication method.
XAMPP: The FTP password for user 'nobody' is still set to 'lampp'.
XAMPP: Do you want to change the password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Reload ProFTPD...
XAMPP: Done.
I hope this helps to fix the security issues quickly. However, there are other several issues that could be fixed to attain maximum level of security.
EDIT: Check this link for more detailed information than mine.
Labels:
lampp hardening,
security
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Securing LAMPP/XAMPP Installation
2011-11-18T21:53:00+05:45
Cool Samar
lampp hardening|security|
Subscribe to:
Post Comments (Atom)