Showing posts with label lampp hardening. Show all posts
Showing posts with label lampp hardening. Show all posts

Friday 18 November 2011

Securing LAMPP/XAMPP Installation

LAMPP by default leaves everything open and insecure allowing the possible intrusion to the system. In this post, I will show how you can secure yourself from the possible intrusions if you are using XAMPP and you are in the network. I am using LAMPP, the linux version of XAMPP to demonstrate the steps.

First lets run the security module of LAMPP to impose security in the LAMPP. To fix the security holes, type:

sudo /opt/lampp/lampp security

Now you will be asked with series of passwords if they are open to the intrusion. Check the following session of how I set the passwords for different daemons/services.

samar@Techgaun:~$ sudo /opt/lampp/lampp security
XAMPP: Quick security check...
XAMPP: Your XAMPP pages are NOT secured by a password.
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Password protection active. Please use 'lampp' as user name!
XAMPP: The MySQL/phpMyAdmin user pma has no password set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL pma password.
XAMPP: Setting phpMyAdmin's pma password to the new one.
XAMPP: MySQL has no root passwort set!!!
XAMPP: Do you want to set a password? [yes] yes
XAMPP: Write the password somewhere down to make sure you won't forget it!!!
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Setting new MySQL root password.
XAMPP: Change phpMyAdmin's authentication method.
XAMPP: The FTP password for user 'nobody' is still set to 'lampp'.
XAMPP: Do you want to change the password? [yes] yes
XAMPP: Password:
XAMPP: Password (again):
XAMPP: Reload ProFTPD...
XAMPP: Done.

I hope this helps to fix the security issues quickly. However, there are other several issues that could be fixed to attain maximum level of security.

EDIT: Check this link for more detailed information than mine.


Read more...