: When setting up LAMP for testing at a local machine, how do I make sure it's not remote accessible? I'm setting up a LAMP stack on my local machine for testing. How do I make sure the web
I'm setting up a LAMP stack on my local machine for testing. How do I make sure the web server is not remote accessible?
More posts by @Annie201
3 Comments
Sorted by latest first Latest Oldest Best
I recommend setting up a Virtual Machine (VirtualBox or VMWare) with LAMP set up within that. You can use ssh to interact with, send, or retrieve files in/out of the Virtual Machine or you can use a virtual monitor to connect to the desktop. You only have to worry about outside access if you explicitly set it up and you can set up your application just as if it was on a production server with a FCDN (www.Example.test) by editing your host file.
When developing a LAMP application I like to keep my bare metal OS and development environments separate.
Your Local machine got a virus? Just save the Virtual Machine with your lamp stack somewhere else and refactor your local drive.
You messed up a setting in your LAMP setup? just use the Virtual Machine software to roll back.
During backup do you back up the full os or just the new LAMP code you are working on? With this setup you back up everything on the virtual machine including setting, files, "hardware" specs... Everything.
What about the dependent software? Are you comfortable having those potentially exposed on your local machine?
A virtual machine makes all of these questions moot and will make your development process a lot easier.
Also as long as you are not using NAT on your router or some similar setup you should be fine.
I have a better approach to this:
There is a Listen directive in apache that allows you to specify which ports and IP addresses you want apache to work with.
For 100% security away from the outside world, use the following setting:
Listen 127.0.0.1:80
That IP address 127.0.0.1 represents localhost and is never accessible to anyone outside. Any outsider trying to access your site via that address will either get a bunch of errors or resources from their computer only.
When using this setup, start your URLs with 127.0.0.1 when running tests.
In your http configuration file set up Allow from and Deny from rules.
Example:
Deny from all
Allow from 127.0.0.1
(insert your ip address in place of the 127.0.0.1)
The exact rule is different on apache 2.2 vs 2.4
Review this page to see the difference betweeen 2.2 and 2.4: httpd.apache.org/docs/2.4/upgrading.html
Example Deny All Rule 2.2 vs 2.4:
2.2 configuration:
Order deny,allow
Deny from all
2.4 configuration:
Require all denied
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2025 All Rights reserved.