Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 04, 2018 11:46PM

Hi,

This is a newbie question but when after selecting both the public and the local networks in the installation of wamp, I can't find where to restrict access to these networks. My understanding is that right now, since I have installed wamp anyone has access to my networks (at least the public one). Is there a sort of privacy settings parameters to "close" these networks (or Apache)?

Thanks for the help!!

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Otomatic (Moderator)
Date: December 05, 2018 09:11AM

Hi,

During installation, Wampserver is only local. There are no requests for access to the public network.

------------------------------------------------------------------------------------------------------------
Wampserver 3.1.6 32 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
Wampserver 3.1.6 64 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
PhPMyadmin 4.8.3 - MysqlDumper 1.24.5
on W10 and W7 Pro 64 bit
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons
« Ce n'est pas parce qu'ils sont nombreux à avoir tort, qu'ils ont forcément raison. Coluche »
« It's not because they are many to be wrong, they are necessarily right. Coluche »

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 05, 2018 11:35PM

Hi Otomatic,

Thanks for your reply.

What I was talking about was this (that I have copy-paster from the 'Troubleshooting' Topic in the Forum): ""Offline" Does not mean that Apache is down. It means that Apache is configured to only accept connections from the PC running WAMPServer.
- "Online" means Apache is configured to accept connections from any ip address. As long as you have not port forwarded your router in reality this just means any IP address in your local network. If you do port forward your router this means any ip address in the universe. This is not recommended for beginners however much you want to show your friends what you have done."


Currently the WAMP icon is green so I guess it means anyone can access my server/netwrok. How can I stop accepting other connections please?
Thanks!

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: RiggsFolly (Moderator)
Date: December 06, 2018 12:32AM

Hi,

I think that was probably one of my comments. smiling smiley

The WAMP Icon is Green
This means that all the active services ( Apache/MySQL and maybe mariaDB ) have successfully started.
It does not indicate that Apache is configured to accept connections from anywhere other than the machine that is running Apache.

By default WAMPServer installs with Apache is configured to ONLY accept connections from the local machine ( the one running WAMPServer(Apache)
and MySQL and mariaDB will also only accept connections from preconfigured user accounts, and they all have to be used from the local machine.

So basically unless you have changed something, EVEN IF YOU HAVE PORT FORWARDED YOUR ROUTER, Apache/MySQL/mariaDB will not accept any attempt to connect from any other device than the PC running WAMPServer.

If you want to check Apache's configuration, then I suggest you look at the Apache manual and find out how you would allow Apahce to be accessed from the internet, then check that yours is not configured to allow that. Afterall WAMPServer is there for people to use to learn how all these things work.

Finally, if you did change anything to do with the Apache or any other configuration tell us exactly what you did and we can let you know if that may have affected anything to do with allowing access from the internet.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.1.3 32bit & 64bit)
<Apache 2.4.29/2.2.31> <PHP 7.2/7.1/7.0/5.6/5.5/5.4> <MySQL 5.7.19/5.6.39/5.5.28>
<MariaDB 10.2.14> <phpMyAdmin4.8.1> <MySQL Workbench 6.3.10>

Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your MySQL databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-



Edited 1 time(s). Last edit at 12/06/2018 12:33AM by RiggsFolly.

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 09, 2018 07:02PM

Hi RiggsFolly,

Thanks for your anwser!

The only thing I did differently during the installation is regarding the firewall warning.

Basically at some point during the installation a little window appears called something liked "Windows Firewall has blocked some features". On this window there is something like "Allow Apache to communicate on these networks" and there are 2 boxes to check. The one called "Public networks (like cafes and airport" is already checked. And there is another box called "Private networks" that is not checked. However I checked this box and that is the only thing I did differently as I didnt start the configuration of the server.

I checked this box because I thought that I want to work on an app and I wanted to do it first on a "private" server and not a public one. If I understand you correctly I didn't need to do that...

Big thanks for your help!! It makes a huge difference!!

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: RiggsFolly (Moderator)
Date: December 09, 2018 07:05PM

Hi,

Well that was the correct thing to do.

---------------------------------------------------------------------------------------------
(Windows 10 Pro 64bit) (Wampserver 3.1.3 32bit & 64bit)
<Apache 2.4.29/2.2.31> <PHP 7.2/7.1/7.0/5.6/5.5/5.4> <MySQL 5.7.19/5.6.39/5.5.28>
<MariaDB 10.2.14> <phpMyAdmin4.8.1> <MySQL Workbench 6.3.10>

Read The Manuals Apache -- MySQL -- PHP -- phpMyAdmin
Get your Apache/MySQL/mariaDB/PHP ADDONs here from the WAMPServer alternate Repo
-X-X-X- Backup your MySQL databases regularly Here is How dont regret it later! Yes even when developing -X-X-X-

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 09, 2018 09:09PM

Thanks RiggsFolly for your response for which I should have waited as unfortunately I have lost my root access sad smiley.

I went looking in the PhpAdmin and find something where I deleted the privileges thinking it allowed access to anyone but I ended up losing access myself as 'root'. Is there anyway to fix to this or should just unistall wamp and install it again?

Thanks again for the help, it really makes a difference!

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Otomatic (Moderator)
Date: December 09, 2018 09:28PM

Hi,

There is a way to retrieve root access and privileges..

I write this tomorrow. I'm not at home and I write with my Smartphone

------------------------------------------------------------------------------------------------------------
Wampserver 3.1.6 32 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
Wampserver 3.1.6 64 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
PhPMyadmin 4.8.3 - MysqlDumper 1.24.5
on W10 and W7 Pro 64 bit
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons
« Ce n'est pas parce qu'ils sont nombreux à avoir tort, qu'ils ont forcément raison. Coluche »
« It's not because they are many to be wrong, they are necessarily right. Coluche »

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 09, 2018 10:37PM

Thanks Otomatic, I really appreciate the support you guys provide!!

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Otomatic (Moderator)
Date: December 10, 2018 09:26AM

Hi,

Hi,

- Resetting a forgotten root password
and/or
- Reassign root with all privileges

If you have set a password for the root user, but you have forgotten it, or you accidentally deleted all with root privileges, you can choose a new password and re-allocate privileges the following procedure in Windows:

The Windows session must be administrator and Wampserver started as administrator.

1. Stop the mysql service
wampmanager -> MySQL -> Service -> Stop Service

2. Edit the my.ini file
wampmanager -> MySQL -> my.ini

3. Find the [wampmysqld] or [wampmysqld64] section in the ini file
Add this line directly after the section [wampmysqld] or [wampmysqld64]
skip-grant-tables

4. Restart the mysql service.
wampmanager -> MySQL -> Service -> Start/Resume Service

5. Open the MySQL console
wampmanager -> MySQL -> MySQL Console
Enter key on request Password - to get, after a few lines of text, the mysql> command prompt

6a. Now we are going to reset the password for the root user, of course this could be used to reset any users password.

enter the following 2 commands at the mysql> command prompt, each with a semi colon at the end of a line, and press ENTER after each line to issue the command to mysql.
--- For MySQL versions prior 5.7.0
UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE user='root';
FLUSH PRIVILEGES;
--- For MySQL versions after 5.7.0
UPDATE mysql.user SET authentication_string = PASSWORD('MyNewPass'), password_expired = 'N' WHERE User = 'root';
FLUSH PRIVILEGES;

6b. Reassign all privileges to root : enter the following 2 commands at the mysql> command prompt, each with a semi colon at the end of a line, and press ENTER after each line to issue the command to mysql. (Given the length of the first line, it is necessary to perform copy / paste).
UPDATE mysql.user SET Select_priv='Y', Insert_priv='Y', Update_priv='Y', Delete_priv='Y', Create_priv='Y', Drop_priv='Y', Reload_priv='Y', Shutdown_priv='Y', Process_priv='Y', File_priv='Y', Grant_priv='Y', References_priv='Y', Index_priv='Y', Alter_priv='Y', Show_db_priv='Y', Super_priv='Y', Create_tmp_table_priv='Y', Lock_tables_priv='Y', Execute_priv='Y', Repl_slave_priv='Y', Repl_client_priv='Y', Create_view_priv='Y', Show_view_priv='Y', Create_routine_priv='Y', Alter_routine_priv='Y', Create_user_priv='Y', Event_priv='Y', Trigger_priv='Y', Create_tablespace_priv='Y' WHERE User='root';

FLUSH PRIVILEGES;

Note that the update should report that it has updated more than one row, that because there are actually 3 user accounts with the userid of 'root' each with a different domain i.e. 127.0.0.1, localhost and ::1

7. Now enter 'quit' at the mysql command promt to exist mysql.

8. Stop the mysql service
wampmanager -> MySQL -> Service -> Stop Service

9. Edit the my.ini file
wampmanager -> MySQL -> my.ini

10. Find the [wampmysqld] or [wampmysqld64] section in the ini file
Remove the 'skip-grant-tables' parameter we added earlier.
DO NOT Leave this parameter in the ini file its a HUGH security hole.

11. Restart the mysql service.
wampmanager -> MySQL -> Service -> Start/Resume Service

You shoud now be able to login with phpmyadmin using the userid 'root' and the new password you have just set for that user.

------------------------------------------------------------------------------------------------------------
Wampserver 3.1.6 32 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
Wampserver 3.1.6 64 bit - Apache 2.4.37 - PHP 7.3.0/7.2.13/7.1.25/7.0.33/5.6.39 - MySQL 5.7.23 - MariaDB 10.3.11
PhPMyadmin 4.8.3 - MysqlDumper 1.24.5
on W10 and W7 Pro 64 bit
Documentation Apache - Documentation PHP - Documentation MySQL - Wampserver install files & addons
« Ce n'est pas parce qu'ils sont nombreux à avoir tort, qu'ils ont forcément raison. Coluche »
« It's not because they are many to be wrong, they are necessarily right. Coluche »



Edited 1 time(s). Last edit at 12/10/2018 10:17AM by Otomatic.

Options: ReplyQuote
Re: Restrict access to public and local network
Posted by: Ian1999 (213.233.150.---)
Date: December 10, 2018 10:55PM

Thanks Otomatic, I will try to do all this!

Options: ReplyQuote


Sorry, only registered users may post in this forum.