0

Prevent Remote Access to Apache Web Server

Background

You downloaded and installed XAMPP for some research or experiment but do not want other people in the same network to have access to the local XAMPP web console. This can be achived using one of Apache HTTP Service’s core directives – <LocationMatch>

Hardware Environment

  • Another remote computer connected to the same network
    • Android Mobile Device

Software Environment

  • Windows 7 Professional SP1
  • Any web browser
  • ApacheFriends XAMPP Version 1.8.3
    • ‚ÄčApache/2.4.7 (Win32) / Open SSL/1.0.1e

Start Apache HTTP Server

Depending how you installed XAMPP, you may have installed the HTTP server as a Windows service. If this is the case, Apache HTTP Server may already be running in you local machine. However, if you have not chosen that configuration, you can start or stop Apache HTTP Service from XAMPP’s Control Panel.

01-xampp-cp-v321_wm

Verify Apache HTTP Server is running

To perform this, simply open a web browser and type in http://localhost and a XAMPP Welcome page displays.

02-xampp-localhost-ok_wm

Access XAMPP Remotely

Android mobile devices can be used as long as they are connected to the same network.

02-xampp-localhost-android_wm

Access from Android phone

httpd-xampp.conf

Depending on the LAMP stack you selected, this security measure may already be on. If not, you can modify httpd-xampp.conf and add <LocationMatch> directive at the bottom of the file as shown on the image below.

03-xampp-localhost-conf

Karl San Gabriel

Karl San Gabriel

Java and Enterprise Technologies Expert