Installing Apache, SQL, & PHP on local machine

[SmokingMan]

I'm going through the W3C tutorials on PHP. I would like to be able to run these scripts on my local machine rather than have to upload to my hosting server while I learn the language. And besides, I would like to be able to develop on my machine before uploading anyway. I looked at bundles that install Apache, SQL, & PHP, but was a little concerned about the security once I installed them. Am I just being paranoid, or are there some issues I need to address before I install this software? I was looking to install WAMP5 that I linked to from the introductory tutorial at php.net.

[jlhaslip]

So long as the box never gets "hooked up" as a live web server, there is no problem. And most ISP's would block the ports which let you connect as a server anyway. Besides, who would even know how to connect to you if you don't have a top-level-domain and are not listed on a name-server, so download the software and have some fun. Lastly, don't hurt yourself.I have had really good luck with XAMPP.

[Anders Moen]

You can use XAMPP! I use it and I'm happy with it Download here

[SmokingMan]

So long as the box never gets "hooked up" as a live web server, there is no problem. And most ISP's would block the ports which let you connect as a server anyway. Besides, who would even know how to connect to you if you don't have a top-level-domain and are not listed on a name-server, so download the software and have some fun. Lastly, don't hurt yourself.

I had wondered how anyone would find me, but I'm always a bit paranoid when it comes to securing my computer. So you all think XAMPP is better than WAMP5? And as far as not hurting myself, that's why I keep regular backups

[jlhaslip]

I can't express an opinion about WAMP, I have not used it.

[thibo1025]

XAMPP is really good, EasyPHP is nice too. but for WAMP5 I've never herd of it so... I don't know.

[justsomeguy]

No one will be able to reach the server if you have a router that does NAT or if you have a software firewall. If you have a router that does NAT, then it is already blocking traffic to your computer, you would need to explicitly forward port 80 to your machine if you want people to be able to access the web server. If you want to see which ports you have open, go to www.grc.com, find the test for Shields Up!, and run a scan on all service ports. It will tell you which ports your machine has opened, closed, or stealthed.

[boen_robot]

No one will be able to reach the server if you have a router that does NAT or if you have a software firewall. If you have a router that does NAT, then it is already blocking traffic to your computer, you would need to explicitly forward port 80 to your machine if you want people to be able to access the web server. If you want to see which ports you have open, go to www.grc.com, find the test for Shields Up!, and run a scan on all service ports. It will tell you which ports your machine has opened, closed, or stealthed.

... but if you're behind a NAT router, you'll see which ports the router has opened. If you aren't sure about whether you're behind a NAT router or not, comapre your IP adress from your network settings to the one you're presented on the internet with. Check whatismyip.com to see the IP with which you're identified across the internet. If those IPs are different, you're behind a NAT router. If they are the same, chances are you're not behind a NAT router.

[justsomeguy]

... but if you're behind a NAT router, you'll see which ports the router has opened.

Right, that's the point. You want to figure out what other people see when they look at your network. If your router is forwarding traffic on port 80 to a machine on the network, then there is a potential security issue with running a web server. There are security issues with any open port, but the test on grc.com explains what the different ports are used for so you can decide if you need to shut a certain one off. If you're running MySQL, you need to close port 3306, you don't want to allow outside connections to a development machine. You really don't even want to allow outside connections to any database server. MS SQL Server uses ports 1433 and 1434, you never want to have those open. Put a network monitor on a network with ports 1433 and 1434 open and you'll watch traffic come in from China, Russia, Korea, Brazil, Eastern Europe, etc. Most of them are probably SQL Server worms looking for a new home. So it's a good idea to run the port scan and figure out exactly what you have open to the outside.

[SmokingMan]

I've downloaded, but have not installed XAMPP yet. I'll run the port scan to see what's open. I use ZoneAlarm as my firewall, so I don't know how secure my machine really is. But I do use a broadband, always on connection. Before I install anything, I need to be sure I'm as secure as I can be. I thought I was paranoid before, but now....... I went to grc.com and passed all tests. All ports are secure, there was no response from my machine to any of the packets sent. Great site, I can sleep easy for now

Edited February 19, 2007 by SmokingMan