WampServer

Hi,

this is the first time me doing this so I have a few questions so excuse me if I ask nOObish questions...


(1.) currently I am using the WAMP package as a local test server. Is this package suitable to run on a PRODUCTION SERVER ?

--> I am assuming it is, but I am not sure regarding security...


(2.) if so, is there anything I need to think about regarding security ?

--> are there any settings I need to configure if I run this package on a PRODUCTION SERVER ?


(3.) I am planning on running this package on a dedicated server with multiple domains accessing the MySQL database...

--> is there a limit in connections to the MySQL database and if so what is it ? Or is that basically only limited by the amount of physical RAM that the server has installed ?

--> can I change the max connection settings allowed to the MySQL database ?

--> if so, what should I change it to ?


(4.) I am planning on running the newest WAMP with PHP 5.3 on the production server...

--> anything to consider regarding this (security etc.) ?


Thanx for your help in advance !

- M

1. not only this wamp, but most wamp package do not have any security in place and you need to implement it yourself and the reason is very simple: different people have different things to run and depends what you have, you will have to secure those apps; thus, most wamp package cannot provide security; however, you can setup ssl for security transaction

2. to setup ssl, follow this
[blog.jlbn.net]

3. for current mysql, max is 151, and in order to change it, you have to make the changes in apache and php as well; also, you must have hardware good enough to make those changes; too many factors to list

4. latest php version omit some functions which might prevent some free scripts out there such as wordpress, joomla, ... run properly, so it's not good to host but if you write and run your own scripts, then you don't have to worry about it

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides

yfastud,


thank you for your quick response.


I have read the tutorial, it seems good, still have questions.


Can you please explain to me WHICH PARTS of WAMP need to be secured once installed on a production machine...

1. php config files ?

2. apache config files ?

3. php my admin access ?


Just to clarify, none of my domains require / transfer any sensitive data (credit card data etc.) I was rather worried that somebody could access these config / install files and therefore make changes to my server or access my MySQL database...

But now that I think about it, couldn't that be solved via a simple .htaccess file ?

Please clarify.

Thank you.

- M

if sure no sensitive data, you don't really need to worry about security

setup vh will prevent people to go above assigned document root or to another assigned document root

to setup vh, follow this
[blog.jlbn.net]

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides

okay,

just to make sure I am not missing anything:


I have people register / login on one site but that would not need to be done via SSL as far as I know...


What would you consider "sensitive data" ?


Thanx.

- M

"sensitive data" is any personal info such as register / login should be done through ssl encryption

Have fun,

FREE One A Day
FREE Photo
FREE Games
FREE Websites
FREE Portable GPS
FREE WAMP Guides