New XAMPP security concept

After installing XAMPP, I saw apache Error page “Access to the requested object is only available from the local network.”I have installed XAMPP for Linux version 1.8.3-3 on CentOS 6.5 . After installation of XAMPP, I opened the URL address in web browser.By-default the URL redirected to Alias /xampp and It shown a apache “Error Page”. Below given is the description of Error and screenshot.

Access forbidden!
New XAMPP security concept:
Access to the requested object is only available from the local network.
This setting can be configured in the file “httpd-xampp.conf”.


The Error page was self explanatory with this statement – This setting can be configured in the file “httpd-xampp.conf”

The XAMPP was installed in default path i.e /opt/lampp .Hence,I searched the file httpd-xampp.conf inside /opt/lampp

find /opt/lampp -name httpd-xampp.conf

The output came up with file path as /opt/lampp/etc/extra/httpd-xampp.conf
See below reference from my system:

[root@localhost ~]# find /opt/lampp -name httpd-xampp.conf
[root@localhost ~]# 

To solve the issue,follow the given below steps

Step 1: Edit the file httpd-xampp.conf
Edit he httpd-xampp.conf file.In this file we will allow ALL to access the XAMPP.

Editing the file with vi command

vi /opt/lampp/etc/extra/httpd-xampp.conf

At the end of file httpd-xampp.conf, you will see below given section(Inside LocationMatch). Add new line Require all granted and Comment the line Require local by using # sign.

 #       Require local
	Require all granted
	ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var

Step 2: Reload the lampp’s apache service
Now reload or restart the lampp’s apache service.

/opt/lampp/lampp reloadapache

See below given reference from my system

[root@localhost ~]# /opt/lampp/lampp reloadapache
XAMPP: Reload Apache...ok.
[root@localhost ~]# 

Alternatively, you can also use stopapache;startapache option with lampp command

/opt/lampp/lampp stopapache
/opt/lampp/lampp startapache

See below given reference from my system

[root@localhost ~]# /opt/lampp/lampp stopapache
XAMPP: Stopping Apache...ok.
[root@localhost ~]# 
[root@localhost ~]# /opt/lampp/lampp startapache
XAMPP: Starting Apache...ok.
[root@localhost ~]# 

Step 3: Open the XAMPP server URL in Web browser

Now check the issue once again and open the XAMPP server URL in Web browser.
Now it should be working.

IMPORTANT NOTE : In XAMPP Linux version 1.8.3-3, apache version is 2.4.7 is included. Hence,we will use Apache 2.4.x parameters in related configuration files.
See below given reference.

[root@localhost ~]# /opt/lampp/bin/apachectl -v
Server version: Apache/2.4.7 (Unix)
Server built:   Feb 12 2014 20:35:09
[root@localhost ~]# 

Recommended Troubleshooting Step: It is important to check Apache version because in Apache version 2.4 or later has new parameters.

7 thoughts on “New XAMPP security concept”

  1. You can use the following code to allow connection from only specific IP.

    Order deny,allow
    Deny from all
    Allow from

    However, I could not get that to work with a new ISP (or router) where I get an ipv6 address. 🙁


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.