2

I want a purely offline server for development of a wordpress theme.

I have installed XAMPP for Windows and started getting interested in security. At the most basic level you add passwords for certain things, but what I really want to do is to stop ALL access to or from the internet for this server. I want it to be purely local.

I use Comodo firewall.

Is it already going to allow access from local networks and the internet? I so, how do I change it? Do I want to change something in XAMPP's settings, or define a firewall rule?

Improve this question
9
  • Could just host the server on localhost but it wouldn't be accessible to the internal network. Alternatively you could use a private IP address, i.e. 10.0.0.x or 192.168.1.x, which would only be accessible in the local network.
    – cutrightjm
    Commented Apr 4, 2013 at 5:37
  • right click on the firewall icon, firewall, block all.
    – Offler
    Commented Apr 4, 2013 at 5:44
  • @ekaj I think XAMPP uses already uses localhost. Which means I'm safe?
    – Kit Johnson
    Commented Apr 4, 2013 at 5:54
  • @Offler If it's a question of blocking it through the firewall, I'd probably be better asking in the Comodo forum. I don't want to block all internet access (I still want to read superuser.com, for example) but I just don't want the offline development server accessing the internet/LAN.
    – Kit Johnson
    Commented Apr 4, 2013 at 5:55
  • If this makes things clearer, I access the server by going to 'localhost' in a browser.
    – Kit Johnson
    Commented Apr 4, 2013 at 6:05

2 Answers 2

Reset to default
1

Simplest way to restrict a server to the local subnet only is to give it no gateway or default route. Without the gateway, it won't be able to reach any other network.

However, I would still recommend a firewall and taking reasonable security precautions. After all, you never know when one of the internet enabled computers on your network could get compromised and provide a "jumping off" point to your server.

Improve this answer
2
  • Thank you @YLearn. I am on the Comodo forum finding out how to make the right rules for my software firewall. Regarding "Simplest way to restrict a server to the local subnet only is to give it no gateway or default route." - how would I do that? I searched but it provided just more things that I don't understand. I don't know much about networking.
    – Kit Johnson
    Commented Apr 4, 2013 at 8:10
  • Often a server has an statically configured IP address and the gateway is set in the same place. In this case, you would make sure the gateway field was blank. You don't mention the version of Windows, but if you do a web search for "how do I change my IP in windows <version>" or I stumbled on this guide that may help: wikihow.com/Change-your-IP-Address-(Windows)
    – YLearn
    Commented Apr 4, 2013 at 13:26
1

I asked how to configure my software firewall over on the Comodo forums, and was given this answer:

Create an Application firewall rule for httpd.exe, something like:

Application Name - {your path to}\xampp\apache\bin\httpd.exe
Action - Allow
Protocol - TCP
Direction - In
Source Address - 127.0.0.1
Destination Address - Any
Source Port - Any
Destination Port - Any

Application Name - {your path to}\xampp\apache\bin\httpd.exe
Action - Block and Log
Protocol -  IP
Direction - In
Source Address - Any
Destination Address - Any
IP Details - Any
Improve this answer
1
  • FYI: If using Mac OSX, you can just open: System Preferences > Security & Privacy > Firewall > Firewall Options..., then block all incoming connections to httpd.
    – Jonathan Cross
    Commented Nov 15, 2016 at 16:20

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .