I recommend setting up a Virtual Machine (VirtualBox or VMWare) with LAMP set up within that. You can use ssh to interact with, send, or retrieve files in/out of the Virtual Machine or you can use a virtual monitor to connect to the desktop. You only have to worry about outside access if you explicitly set it up and you can set up your application just as if it was on a production server with a FCDN (www.Example.test) by editing your host file.

When developing a LAMP application I like to keep my bare metal OS and development environments separate.

Your Local machine got a virus? Just save the Virtual Machine with your lamp stack somewhere else and refactor your local drive.

You messed up a setting in your LAMP setup? just use the Virtual Machine software to roll back.

During backup do you back up the full os or just the new LAMP code you are working on? With this setup you back up everything on the virtual machine including setting, files, "hardware" specs... Everything.

What about the dependent software? Are you comfortable having those potentially exposed on your local machine?

A virtual machine makes all of these questions moot and will make your development process a lot easier.

Also as long as you are not using NAT on your router or some similar setup you should be fine.

10% popularity Vote Up Vote Down

@Harper822

I have a better approach to this:

There is a Listen directive in apache that allows you to specify which ports and IP addresses you want apache to work with.

For 100% security away from the outside world, use the following setting:

Listen 127.0.0.1:80

That IP address 127.0.0.1 represents localhost and is never accessible to anyone outside. Any outsider trying to access your site via that address will either get a bunch of errors or resources from their computer only.

When using this setup, start your URLs with 127.0.0.1 when running tests.

10% popularity Vote Up Vote Down

@Murray432

In your http configuration file set up Allow from and Deny from rules.

Example:

Deny from all
Allow from 127.0.0.1

(insert your ip address in place of the 127.0.0.1)

The exact rule is different on apache 2.2 vs 2.4

Review this page to see the difference betweeen 2.2 and 2.4: httpd.apache.org/docs/2.4/upgrading.html
Example Deny All Rule 2.2 vs 2.4:

2.2 configuration:
Order deny,allow
Deny from all

2.4 configuration:
Require all denied

10% popularity Vote Up Vote Down

Feed

: When setting up LAMP for testing at a local machine, how do I make sure it's not remote accessible? I'm setting up a LAMP stack on my local machine for testing. How do I make sure the web

More posts by @Annie201

: Domain listed in spamhaus.org dbl I have setup a new domain and mail server but for some reason the domain is listed in the spamhaus.org dbl blacklist. When I try complete the removal form

: Using SetEnvIf to not log overly accessed URLs I'm trying to figure out how to craft my SetEnvIf's in my apache config so that the server hard disk isn't spinning 24/7 over log entries. What

: How does the Google Web Starter Kit implement automatic browser reloading? How does the Google Web Starter Kit implement automatic browser reload when the html is changed?

: Calculating requests per second within bing In Google Search Console, I am able to set the rate at which google crawls my site and it tells me the details such as the requests per second

Login to post a comment!

3 Comments

Back to top | Use Dark Theme