New XAMPP security concept

After installing XAMPP, I saw apache Error page “Access to the requested object is only available from the local network.”I have installed XAMPP for Linux version 1.8.3-3 on CentOS 6.5 . After installation of XAMPP, I opened the URL address in web browser.By-default the URL redirected to Alias /xampp and It shown a apache “Error Page”. Below given is the description of Error and screenshot.

Access forbidden!
New XAMPP security concept:
Access to the requested object is only available from the local network.
This setting can be configured in the file “httpd-xampp.conf”.

xampp

The Error page was self explanatory with this statement – This setting can be configured in the file “httpd-xampp.conf”

The XAMPP was installed in default path i.e /opt/lampp .Hence,I searched the file httpd-xampp.conf inside /opt/lampp

find /opt/lampp -name httpd-xampp.conf

The output came up with file path as /opt/lampp/etc/extra/httpd-xampp.conf
See below reference from my system:

[root@localhost ~]# find /opt/lampp -name httpd-xampp.conf
/opt/lampp/etc/extra/httpd-xampp.conf
[root@localhost ~]# 

To solve the issue,follow the given below steps

Step 1: Edit the file httpd-xampp.conf
Edit he httpd-xampp.conf file.In this file we will allow ALL to access the XAMPP.

Editing the file with vi command

vi /opt/lampp/etc/extra/httpd-xampp.conf

At the end of file httpd-xampp.conf, you will see below given section(Inside LocationMatch). Add new line Require all granted and Comment the line Require local by using # sign.


 #       Require local
	Require all granted
	ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var

Step 2: Reload the lampp’s apache service
Now reload or restart the lampp’s apache service.

/opt/lampp/lampp reloadapache

See below given reference from my system

[root@localhost ~]# /opt/lampp/lampp reloadapache
XAMPP: Reload Apache...ok.
[root@localhost ~]# 

Alternatively, you can also use stopapache;startapache option with lampp command

/opt/lampp/lampp stopapache
/opt/lampp/lampp startapache

See below given reference from my system

[root@localhost ~]# /opt/lampp/lampp stopapache
XAMPP: Stopping Apache...ok.
[root@localhost ~]# 
[root@localhost ~]# /opt/lampp/lampp startapache
XAMPP: Starting Apache...ok.
[root@localhost ~]# 

Step 3: Open the XAMPP server URL in Web browser

Now check the issue once again and open the XAMPP server URL in Web browser.
Now it should be working.
XAMPP

IMPORTANT NOTE : In XAMPP Linux version 1.8.3-3, apache version is 2.4.7 is included. Hence,we will use Apache 2.4.x parameters in related configuration files.
See below given reference.

[root@localhost ~]# /opt/lampp/bin/apachectl -v
Server version: Apache/2.4.7 (Unix)
Server built:   Feb 12 2014 20:35:09
[root@localhost ~]# 

Recommended Troubleshooting Step: It is important to check Apache version because in Apache version 2.4 or later has new parameters.

7 thoughts on “New XAMPP security concept”

  1. You can use the following code to allow connection from only specific IP.

    Order deny,allow
    Deny from all
    Allow from

    However, I could not get that to work with a new ISP (or router) where I get an ipv6 address. 🙁

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.