How to make your hotel a bit more secure.

Motorola

New Member
Sep 10, 2012
Hello DevBest :) Today I will be showing you how to protect your hotel a little bit more if you are using Xampp.
And really I have no idea if this has been released. But oh well, this is my first tut, so rate me out of 10.

First, go to the Xampp Control Panel.
Then click Explore and go to Apache/Conf/extra/httpd-xampp.conf
Once you have opened that file, find this code
PHP:
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampplicenses|security|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8
              fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
              fe80::/10 169.254.0.0/16
 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
And replace it with
PHP:
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampplicenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Allow from all
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

After you have done that
Go into apache > conf > extra > httpd-dav.conf

Once you have opened up that file find this code
PHP:
<Directory "C:/xampp/webdav">
Dav On
 
Order Allow,Deny
Allow from all
And replace it with
PHP:
<Directory "C:/xampp/webdav">
Dav Off
 
Order Deny,Allow
Deny from all
After that, just delete your webdav folder.
And done, your hotel is a lot safer (even though you should still use IIS instead of Xampp). But hopefully this was noob friendly and a lot of you understood this well. Thanks for reading :up:
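
A check for the settings this tutorial edits, added here as an example and not part of the original post: it scans an Apache config for sections covering the paths named above that end up with `Allow from all` (or the Apache 2.4 form `Require all granted`) and for any remaining `Dav On`. The function name `audit_conf` and the sample config are constructed for illustration.

```python
import re

# Names taken from the LocationMatch pattern and webdav directory quoted in the post.
SENSITIVE = ("phpmyadmin", "webalizer", "server-status", "server-info",
             "xampplicenses", "security", "webdav")
OPEN_ACCESS = re.compile(r"^(allow\s+from\s+all|require\s+all\s+granted)$", re.I)
DAV_ON = re.compile(r"^dav\s+on$", re.I)
SECTION_OPEN = re.compile(r"^<(\w+)\s+(.+)>$")

def audit_conf(text):
    """Return (line_no, section_argument, finding) tuples for an Apache config."""
    findings, stack = [], []          # stack holds arguments of open sections
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):     # closing tag: leave the innermost section
            if stack:
                stack.pop()
            continue
        opened = SECTION_OPEN.match(line)
        if opened:
            stack.append(opened.group(2).strip('"'))
            continue
        section = stack[-1] if stack else ""
        exposed = [n for n in SENSITIVE if n in section.lower()]
        if OPEN_ACCESS.match(line) and exposed:
            findings.append((line_no, section, "open to all clients: " + ", ".join(exposed)))
        elif DAV_ON.match(line):
            findings.append((line_no, section, "WebDAV enabled"))
    return findings

# Constructed sample: the post's edited LocationMatch block and the stock webdav block.
SAMPLE = r'''
<LocationMatch "^/(?i:(?:xampplicenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Allow from all
</LocationMatch>
<Directory "C:/xampp/webdav">
    Dav On
    Order Allow,Deny
    Allow from all
</Directory>
'''

if __name__ == "__main__":
    for line_no, section, finding in audit_conf(SAMPLE):
        print(f"line {line_no}: {finding}  [{section}]")
```
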
 

GohanSSJ

Ya.
Feb 18, 2013
It's a good tutorial; however, I do not think this is doing a thing for the security.

As is known, it is important to remove the WebDAV and Anonymous folders, because both of those make the chance of being hacked higher if you leave them there.

What I would advise anyone here is to find a decent tutorial on how to set up an IIS hotel, as this is way safer.

Yes, there are obvious IIS exploits that can obviously only be done via Metasploit, but the chance that they work is very, very low, so don't fear that.

Along with that, nobody really knows how to use Metasploit, thus there is no need to be afraid.
 
