Subject
Status
| Subject | Status | | |
| These XAMPP pages are accessible by network for everyone | UNSECURE | ||
| Every XAMPP demo page you are right now looking at is accessible for everyone over network. Everyone who knows your IP address can see these pages. | ||||
| ||||
| The phpMyAdmin user pma has no password | UNSECURE | ||
| phpMyAdmin saves your preferences in an extra MySQL database. To access this data phpMyAdmin uses the special user pma. This user has in the default installation no password set and to avoid any security problems you should give him a passwort. | ||||
| ||||
| The MySQL user root has no password | UNSECURE | ||
| Every local user on Linux box can access your MySQL database with administrator rights. You should set a password. | ||||
| ||||
| The FTP password for user daemon is still 'xampp' | UNSECURE | ||
| By using the default password for the FTP user daemon everyone can upload and change files for your XAMPP webserver. So if you enabled ProFTPD you should set a new password for user daemon. | ||||
| ||||
The green marked points are secure; the red marked points are definitively unsecure and the yellow marked points couldn't be checked (for example because the sofware to check isn't running).
To fix or close all these matters simply call
/opt/lampp/xampp security
This will start an interactive program.