1. Tired of not being able to see links? Want to chat with other members? Need help?

[How To] Securely setup Xampp

Discussion in 'Habbo Tutorials' started by JayCustom, Nov 28, 2014.


Was this helpful?

  1. Yes

  2. No

  3. Sorta

Results are only viewable after voting.
  1. JayCustom

    JayCustom echo "Web Developer";

    So I have noticed a problem with people messaging me or creating help threads "How do I setup IIS because Xampp isn't secure" this is actually false. Anyone who wishes to argue then just leave the thread now. I have owned a large majority of retros, every one of them using Xampp and I have never been hacked. So I am going to give a quick tutorial on how to set it up and get it to work correctly.

    First Step: Install Xampp
    This is done simply by googling Xampp Install
    You only need the required components, you can uncheck Firebird and such

    Second Step: Install Apache and Mysql
    Most Xampp's will look nicer then this, this is a very old version :) You just check the Service and it will install. It takes a few seconds and then you're ready to rock.

    Third Step: Secure external connections
    You want to delete your Webdav folder from your htdocs otherwise people can connect to your Xampp.

    Fourth Step: Secure your folders
    Open Xampp Directory -> Apache -> Conf -> httpd.conf
    Search For
    "Options Indexes FollowSymLinks"
    Replace that part with:
    "Options -Indexes +FollowSymlinks"
    This will make it so people can't view your R63 folder Directory!

    Fifth Step: Change your default password for Xampp and Secure your database!

    Sixth Step: Run Apache/Mysql and you are good to go!

    Links that might help you if you're stuck:
    [ Want to see this link? Register ! ]
    [ Want to see this link? Register ! ]
    [ Want to see this link? Register ! ]
    RyanzRetros and Ch4ka like this.
  2. BIOS

    BIOS \r%20

    The reason people say you shouldn't use XAMPP is because it is made for development purposes and it states that on their site meaning it isn't recommended that you use it for a public site.
    Jeffrey likes this.
  3. JayCustom

    JayCustom echo "Web Developer";

    Yes but the fact of the matter is, you can't hack into it if you set it up correctly and its easy to use and there a lot of hotel tutorials that use Xampp to setup and people are like "IIS Tutorial?" well now they don't need to do that because they know how to setup Xampp securely.
  4. Khalil

    Khalil Donator

    Even if you fully secure XAMPP, it's a bad choice to use it for a live environment. XAMPP was created originally only to be used as a development tool, not for live production. Hence why most of it's security features are disabled by default.
    However, we do appreciate your effort.
    Dr_LaN likes this.
  5. JayCustom

    JayCustom echo "Web Developer";

    Sorry you don't believe this is the best tutorial. I also found this to help secure your Apache:
    There is an Apache module that was created to prevent a DDoS attack, although it's probably not installed by default. Follow these steps to install the module.

    1. Open your terminal window.

    2. Issue the command sudo apt-get -y install libapache2-mod-evasive.

    3. Issue the command sudo mkdir -p /var/log/apache2/evasive.

    4. Issue the command sudo chown -R www-data:root /var/log/apache2/evasive.

    5. Open the /etc/apache2/mods-available/mod-evasive.load file (using sudo and your favorite text editor) and append the following to the bottom of that file (this is one configuration per line):

    DOSHashTableSize 2048
    DOSPageCount 20 # maximum number of requests for the same page
    DOSSiteCount 300 # total number of requests for any object by the same client IP on the same listener
    DOSPageInterval 1.0 # interval for the page count threshold
    DOSSiteInterval 1.0 # interval for the site count threshold
    DOSBlockingPeriod 10.0 # time that a client IP will be blocked for
    DOSLogDir “/var/log/apache2/evasive”
    DOSEmailNotify admin@domain.com

    6. Save the file and restart Apache.

    You should now be better protected from DDoS attacks.
  6. Ch4ka

    Ch4ka bamboozled

    Nice one dude....... love u
  7. JayCustom

    JayCustom echo "Web Developer";

  8. RyanzRetros

    RyanzRetros Developer of ChakCMS

    Great work Jay, I do like IIS but XAMPP is equally good. I do agree, I would never run a hotel off of XAMPP publicly.
  9. Clu

    Clu ripping useful stuff from habbo

    I wouldn't use xampp. Even if i was getting paid too.
  10. RyanzRetros

    RyanzRetros Developer of ChakCMS

    It is not that bad... Once secured... Easier to set up...
  11. JayCustom

    JayCustom echo "Web Developer";

    Stick to graphics please, because web servers are web servers and Xampp is commonly used. It has only got a bad name because of people who don't know how to delete the webdav folder which allows external connections
  12. RyanzRetros

    RyanzRetros Developer of ChakCMS

    Well put. I wouldn't disregard XAMPP, only use IIS because you don't have to start up every time but yes, I agree, XAMPP is secure enough to be used.
  13. Clu

    Clu ripping useful stuff from habbo

    Don't tell me where to stay kid.
  14. RyanzRetros

    RyanzRetros Developer of ChakCMS

    I wouldn't use the term kid... Also, he does have a point... I can see you're new but please, get used to being wrong. XAMPP is perfectly secure, it is just noobs who beleive everything everybody says that say it isn't... If I said my house was the size of my penis, would you believe it? Exactly. Also, Jay is one of the most respected users in the retr community of Devbest so fuck off back to FaGZONE if you don't like it here. *Rant is over*
  15. Clu

    Clu ripping useful stuff from habbo

    I've been here a while lol
  16. RyanzRetros

    RyanzRetros Developer of ChakCMS

    So either you're an inactive user or a newbie at retro's, either way... You should know that XAMPP is secure..
  17. Clu

    Clu ripping useful stuff from habbo

    @Backpack & Never been on rz for many reasons. You're standing up for xampp like you own it,It's my opinion im going to stick to that.
  18. RyanzRetros

    RyanzRetros Developer of ChakCMS

    I do not own it at all, but I will stand up for it. Congrats for never being on FaGZONE, you haven't missed much.
  19. Clu

    Clu ripping useful stuff from habbo

    congrats for being on bt ;)
  20. RyanzRetros

    RyanzRetros Developer of ChakCMS

    Internet providers you mean? If so, good guess, but wrong.

Share This Page