XAMPP SECURITY [Security Check 1.0]

This page gives you a quick overview about the security status of your XAMPP installation. (Please continue reading after the table.)

Subject
Status
These XAMPP pages are accessible by network for everyone UNSECURE
Every XAMPP demo page you are right now looking at is accessible for everyone over network. Everyone who knows your IP address can see these pages.
The MySQL admin user root has no longer no password SECURE
PhpMyAdmin is free accessible by network UNSECURE
PhpMyAdmin is accessible by network without password. The configuration 'httpd' or 'cookie' in the "config.inc.php" can help.
A FTP server is not running or is blocked by a firewall! UNKNOWN
A FTP server is not running or is blocked by a firewall!
PHP is NOT running in "safe mode" UNSECURE
If do you want to offer PHP executions for outside persons, please think about a "safe mode" configuration. But for standalone developer we recommend NOT the "safe mode" configuration because some important functions will not working then. More Info

The green marked points are secure; the red marked points are definitively unsecure and the yellow marked points couldn't be checked (for example because the sofware to check isn't running).

To fix the problems for mysql, phpmyadmin and the xampp directory simply use

=> http://localhost/xampp/xamppsecurity.php <= [allowed only for localhost]

Some other important notes:

All these test are made ONLY for host "localhost" (127.0.0.1).
For FileZilla FTP und Mercury Mail, you must fix all security problems by yourself! Sorry.
If your computer is not online or blocked by a firewall, your servers are SECURE against outside attacks.
If servers are not running, these servers are although SECURE!

Please consider this: With more XAMPP security some examples will NOT execute error free. If you use PHP in "safe mode" for example some functions of this security frontend will not working anymore. Often even more security means less functionality at the same time.

The XAMPP default ports:

ftp 21/tcp # File Transfer [Control] (XAMPP: FTP Default Port)

smtp 25/tcp mail # Simple Mail Transfer (XAMPP: SMTP Default Port)

http 80/tcp # World Wide Web HTTP (XAMPP: Apache Default Port)

pop3 110/tcp # Post Office Protocol - Version 3 (XAMPP: POP3 Default Port)

imap 143/tcp imap2 # Internet Message Access Protocol (XAMPP: IMAP Default Port)

https 443/tcp # http protocol over TLS/SSL (XAMPP: Apache SSL Port)

mysql 3306/tcp # MySQL (XAMPP: MySQL Default Port)

AJP/1.3 8009 # AJP/1.3 (XAMPP: Tomcat AJP/1.3 Port)

http-alt 8080/tcp # HTTP Alternate (see port 80) (XAMPP: Tomcat Default Port)

	Subject	Status
	These XAMPP pages are accessible by network for everyone	UNSECURE
	Every XAMPP demo page you are right now looking at is accessible for everyone over network. Everyone who knows your IP address can see these pages.

	The MySQL admin user root has no longer no password	SECURE

	PhpMyAdmin is free accessible by network	UNSECURE
	PhpMyAdmin is accessible by network without password. The configuration 'httpd' or 'cookie' in the "config.inc.php" can help.

	A FTP server is not running or is blocked by a firewall!	UNKNOWN
	A FTP server is not running or is blocked by a firewall!

	PHP is NOT running in "safe mode"	UNSECURE
	If do you want to offer PHP executions for outside persons, please think about a "safe mode" configuration. But for standalone developer we recommend NOT the "safe mode" configuration because some important functions will not working then. More Info

ftp	21/tcp	# File Transfer [Control] (XAMPP: FTP Default Port)
smtp	25/tcp	mail # Simple Mail Transfer (XAMPP: SMTP Default Port)
http	80/tcp	# World Wide Web HTTP (XAMPP: Apache Default Port)
pop3	110/tcp	# Post Office Protocol - Version 3 (XAMPP: POP3 Default Port)
imap	143/tcp	imap2 # Internet Message Access Protocol (XAMPP: IMAP Default Port)
https	443/tcp	# http protocol over TLS/SSL (XAMPP: Apache SSL Port)
mysql	3306/tcp	# MySQL (XAMPP: MySQL Default Port)
AJP/1.3	8009	# AJP/1.3 (XAMPP: Tomcat AJP/1.3 Port)
http-alt	8080/tcp	# HTTP Alternate (see port 80) (XAMPP: Tomcat Default Port)