xampp-linux.scm

[Jason W]

AbNoRMiS has submitted xampp-linux.scm, the first scm submission. For now I will announce them as they are by nature larger and fewer than tcz repo activity.  I will soon organize this scm forum area for announcements and extension requests to keep it easier to follow.

Code: [Select]

Title: xampp-linux.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl
It is not meant to be used on a production server due to security issues
Version: 1.8.0-beta2
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size: 93.2M
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIRES
XAMPP scripts are required for bash.
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password
    2. The MySQL daemon is accessible via network
    3. ProFTPD uses the password "lampp" for user "nobody"
    4. PhpMyAdmin is accessible via network
    5. Examples are accessible via network
    6. MySQL and Apache running under the same user (nobody)
To fix most of the security weaknesses simply call the following command:
    /opt/lampp/lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
See also how can make XAMPP installation more secure at the Linux FAQ
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
USING
Complete list of XAMPP parameters can get calling this command:
    sudo lampp
To start XAMPP during install was added to /opt/bootlocal.sh this command:
    /opt/lampp/lampp start
You also can call this command from command line as root.
If you get any error messages during start XAMPP please look the Linux FAQ
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running just visit by this URL:
    http://localhost
To stop XAMPP can simply call as root this command:
    lampp stop
This command also was added to /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/xampp.users - XAMPP pages user password (tinycore)
/opt/lampp/etc/httpd.conf - Apache configuration
/opt/lampp/etc/my.cnf - MySQL configuration
/opt/lampp/etc/php.ini - PHP configuration
/opt/lampp/etc/proftpd.conf - ProFTPD configuration
/opt/lampp/etc/phpmyadmin/config.inc.php - phpMyAdmin configuration (tinycore)
----
FOLDERS
/opt/lampp/bin/ - commands home (symlinked)
/opt/lampp/htdocs/ - DocumentRoot
/opt/lampp/logs/ - Apache log directory
/opt/lampp/var/mysql/ - MySQL databases
----
INCLUDES
- Apache 2.4.1
- MySQL 5.5.21
- PHP 5.4.0
- Perl 5.14.2
- ProFTPD 1.3.3e
- phpMyAdmin 3.4.9
- OpenSSL 1.0.0h
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
- APR 1.4.6
- APR-utils 1.4.1
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/05/09 First release. Version 1.8.0-beta2
Current: 2012/05/09 First release. Version 1.8.0-beta2



[AbNoRMiS]

sent updated version

Code: [Select]

Title: xampp-linux.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl
It is not meant to be used on a production server due to security issues
Version: 1.8.0-beta4
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size:
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIREMENTS
The XAMPP scripts are require bash.
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password.
    2. The MySQL daemon is accessible via network.
    3. ProFTPD uses the password "lampp" for user "nobody".
    4. PhpMyAdmin is accessible via network.
    5. Examples are accessible via network.
    6. MySQL and Apache running under the same user (nobody).
To fix most of the security weaknesses simply call the following command:
    sudo lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
See also how can make XAMPP installation more secure at the Linux FAQ
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
BASICS
Complete list of XAMPP parameters can get calling this command:
    sudo lampp
To start XAMPP simply call this command:
    sudo lampp start
This command is added into /opt/bootlocal.sh during XAMPP installation.
If got any error messages during start XAMPP please look the Linux FAQ
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running then just visit this URL:
    http://localhost
To stop XAMPP can simply call this command:
    sudo lampp stop
This command is also added into /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/xampp.users - XAMPP pages user password (tinycore)
/opt/lampp/etc/httpd.conf - Apache configuration
/opt/lampp/etc/my.cnf - MySQL configuration
/opt/lampp/etc/php.ini - PHP configuration
/opt/lampp/etc/proftpd.conf - ProFTPD configuration
/opt/lampp/etc/phpmyadmin/config.inc.php - phpMyAdmin configuration (tinycore)
----
DIRECTORIES
/opt/lampp/bin/ - commands home (symlinked)
/opt/lampp/htdocs/ - DocumentRoot
/opt/lampp/logs/ - Apache logs
/opt/lampp/tmp/ - temporary files
/opt/lampp/var/mysql/ - MySQL databases
----
INCLUDES
- Apache 2.4.2
- MySQL 5.5.24
- PHP 5.4.3
- Perl 5.14.2
- ProFTPD 1.3.3e
- phpMyAdmin 3.5.1
- OpenSSL 1.0.0h
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
- APR 1.4.6
- APR-utils 1.4.1
UPDATES
- Apache (2.4.2)
- MySQL (5.5.24)
- PHP (5.4.3)
- phpMyAdmin (3.5.1)
- OpenSSL (1.0.0h)
- Perl (5.14.2)
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/05/09 First release. Version 1.8.0-beta2
2012/05/18 Update to version 1.8.0-beta4
Current: 2012/05/18 Update to version 1.8.0-beta4

[AbNoRMiS]

sent updated version to scmsubmit

Code: [Select]

Title: xampp-linux.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl
It is not meant to be used on a production server due to security issues
Version: 1.8.0-beta6
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size:
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIREMENTS
The XAMPP scripts are require Bash.
The XAMPP control panel require PyGTK with Libglade (optional).
----
CONFLICTS
Configuration files of this XAMPP version causes conflicts with other versions
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password.
    2. The MySQL daemon is accessible via network.
    3. ProFTPD uses the password "lampp" for user "nobody".
    4. PhpMyAdmin is accessible via network.
    5. Examples are accessible via network.
    6. MySQL and Apache running under the same user (nobody).
To fix most of the security weaknesses simply call the following command:
    /opt/lampp/lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
After calling this command your XAMPP installation should be "secure".
For developer's part have no reason what else could be insecure.
See also how can make XAMPP installation more secure at this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
BASICS
Complete list of XAMPP administering actions can be looked calling this command:
    /opt/lampp/lampp
To start XAMPP simply call this command:
    /opt/lampp/lampp start
This command is added into /opt/bootlocal.sh during XAMPP installation.
If got any error messages during start XAMPP please look this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running then just visit this URL:
    http://localhost
To stop XAMPP can simply call this command:
    /opt/lampp/lampp stop
This command is also added into /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/httpd.conf - Apache configuration
/opt/lampp/etc/my.cnf - MySQL configuration
/opt/lampp/etc/php.ini - PHP configuration
/opt/lampp/etc/proftpd.conf - ProFTPD configuration
/opt/lampp/etc/phpmyadmin/config.inc.php - phpMyAdmin configuration (tinycore)
/opt/lampp/etc/xampp.users - XAMPP pages user password (tinycore)
----
DIRECTORIES
/opt/lampp/bin/ - commands home (symlinked)
/opt/lampp/htdocs/ - DocumentRoot
/opt/lampp/logs/ - Apache logs
/opt/lampp/tmp/ - temporary files
/opt/lampp/var/mysql/ - MySQL databases
----
INCLUDES
- Apache 2.4.2
- MySQL 5.5.25
- PHP 5.4.4
- Perl 5.14.2
- ProFTPD 1.3.4a
- phpMyAdmin 3.5.1
- OpenSSL 1.0.1c
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
- APR 1.4.6
- APR-utils 1.4.1
----
CHANGES
- Added APR (1.4.6)
- Added APR-utils (1.4.1)
- Currently disabled mod_perl, because of incompatibility with Apache 2.4
- Currently disabled eAccelerator, because of incompatibility with PHP 5.4.0. Thinking about switching to APC...
- phonebook.php ported to SQLite3 since PHP 5.4 dropped support for SQLite2
- New version of Apache (2.4.2)
- New version of MySQL (5.5.25)
- New version of OpenSSL (1.0.1c)
- New version of Perl (5.14.2)
- New version of PHP (5.4.4)
- Nev version of phpMyAdmin (3.5.1)
- New version of ProFTPD (1.3.4a)
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/05/09 First release. Version 1.8.0-beta2
2012/05/18 Update to version 1.8.0-beta4
2012/06/16 Update to version 1.8.0-beta6
Current: 2012/06/16 Update to version 1.8.0-beta6

[AbNoRMiS]

also sent last stable version 1.7.7 called xampp-linux-1.7.scm

Code: [Select]

Title: xampp-linux-1.7.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl
It is not meant to be used on a production server due to security issues
Version: 1.7.7
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size:
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIREMENTS
The XAMPP scripts are require Bash.
The XAMPP control panel require PyGTK with Libglade (optional).
----
CONFLICTS
Configuration files of this XAMPP version causes conflicts with other versions
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password.
    2. The MySQL daemon is accessible via network.
    3. ProFTPD uses the password "lampp" for user "nobody".
    4. PhpMyAdmin is accessible via network.
    5. Examples are accessible via network.
    6. MySQL and Apache running under the same user (nobody).
To fix most of the security weaknesses simply call the following command:
    /opt/lampp/lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
After calling this command your XAMPP installation should be "secure".
For developer's part have no reason what else could be insecure.
See also how can make XAMPP installation more secure at this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
BASICS
Complete list of XAMPP administering actions can be looked calling this command:
    /opt/lampp/lampp
To start XAMPP simply call this command:
    /opt/lampp/lampp start
This command is added into /opt/bootlocal.sh during XAMPP installation.
If got any error messages during start XAMPP please look this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running then just visit this URL:
    http://localhost
To stop XAMPP can simply call this command:
    /opt/lampp/lampp stop
This command is also added into /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/httpd.conf - Apache configuration
/opt/lampp/etc/my.cnf - MySQL configuration
/opt/lampp/etc/php.ini - PHP configuration
/opt/lampp/etc/proftpd.conf - ProFTPD configuration
/opt/lampp/etc/phpmyadmin/config.inc.php - phpMyAdmin configuration (tinycore)
/opt/lampp/etc/xampp.users - XAMPP pages user password (tinycore)
----
DIRECTORIES
/opt/lampp/bin/ - commands home (symlinked)
/opt/lampp/htdocs/ - DocumentRoot
/opt/lampp/logs/ - Apache logs
/opt/lampp/tmp/ - temporary files
/opt/lampp/var/mysql/ - MySQL databases
----
INCLUDES
- Apache 2.2.21
- MySQL 5.5.16
- PHP 5.3.8
- Perl 5.10.1
- ProFTPD 1.3.3e
- phpMyAdmin 3.4.5
- OpenSSL 1.0.0c
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
----
CHANGES
- Fixed a problem with MySQL 5.5.x and XAMPP's backup script
- New version of mod_perl (2.0.5)
- New version of ProFTPD (1.3.3e)
- New version of phpMyAdmin (3.4.5)
- New version of PHP (5.3.8)
- New version of Apache (2.2.21)
- New version of MySQL (5.5.16)
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/06/16 First release. Version 1.7.7
Current: 2012/06/16 First release. Version 1.7.7

[vinnie]

Ehy abno, you think it is normal that I should copy the wordpress directory with sudo in /opt/lampp/htdocs/ and then change its ownerships and permissions for properly work?

[AbNoRMiS]

for example can do it in the following order
initially set xampp passwords

Code: [Select]

sudo /opt/lampp/lampp securitythen connect to ftp

Code: [Select]

ftp://nobody:password@localhostmake folder www beside folders webalizer and xampp
(it meaning that folder wordpress will be in /opt/lampp/htdocs)
via ftp put folder wordpress from wordpress-3.4.tar.gz to www

then make the following settings for apache
add to /opt/lampp/etc/extra/httpd-vhosts.conf virtual host

Code: [Select]

<VirtualHost *:80>
    ServerAdmin webmaster@wordpress
    DocumentRoot /opt/lampp/htdocs/www/wordpress
    ServerName wordpress
    ErrorLog logs/wordpress-error_log
    CustomLog logs/wordpress-access_log common
</VirtualHost>add to /opt/lampp/etc/httpd.conf the next row

Code: [Select]

Include etc/extra/httpd-vhosts.confadd to /etc/hosts address of virtual host

Code: [Select]

127.0.0.1 wordpresssave /etc/hosts into /opt/.filetool.lst

Code: [Select]

etc/hoststo back up the settings by running command

Code: [Select]

filetool.sh -band finally need to reload apache

Code: [Select]

sudo /opt/lampp/lampp reloadapache
now can access to virtual host wordpress

Code: [Select]

http://wordpress
instead of wordpress can be any valid name
the same way may be added other virtual hosts
it should be noted that the document root
can be anywhere else than /opt/lampp

Code: [Select]

DocumentRoot /mnt/sda1/htdocs/wordpressto ensure the safety it is desirable that filesystem
allows support user permissions (ext2-ext4 etc)
but otherwise it may be even fat derivates and ntfs

[vinnie]

First, abno: i am sorry for the time that I spent to answer, these days I had to move to another house, and I waited a little peace of mind to consider what you said.

From what I understand to avoid having to change the permissions by hand of wordpress directory I must use FTP to copy it.
I'll try to do it without setting password, I just need to do tests, then I will have to relate with a server, and in that case, password will be that set on the webhosting.

Another interesting thing would be to indicate other "persistent" directory in virtualhost.
From what I understand to avoid having to change the permissions by hand of hosting.

Another interesting thing would be to indicate other "persistent" directory in virtualhost.

[vinnie]

Ok, default ftp login  is : user "nobody" and pass "lampp"
Xampp has several mysql default database:

Code: [Select]

tc@box:~$ mysqlshow
+--------------------+
|     Databases      |
+--------------------+
| information_schema |
| test               |
+--------------------+
seems that the test database has no password and use "nobody" as user name.

Another small problem, starting the xampp interface directly from localhost and trying to reach phpmyadmin I get this page, is this normal?

[AbNoRMiS]

congratulations on housewarming

Another small problem, starting the xampp interface directly from localhost and trying to reach phpmyadmin I get this page, is this normal?

this problem disappears after assigning passwords to xampp pages

Code: [Select]

sudo /opt/lampp/lampp security(need answer only to the first question)

however looking at the settings in /opt/lampp/etc/extra/httpd-xampp.conf

Code: [Select]

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16

ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>i can not understand why this occurs at access from localhost
access restrictions only for local network are specified properly

p.s.
or can be used stable version 1.7.7
which has the same configuration
but does not have this problem

[AbNoRMiS]

submitted update to stable version 1.8.0

Code: [Select]

Title: xampp-linux.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl.
It is not meant to be used on a production server due to security issues.
Version: 1.8.0
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size: 93.5M
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIREMENTS
The XAMPP scripts are require Bash.
The XAMPP control panel require Python with PyGTK and Libglade (optional).
----
CONFLICTS
Configuration files of this XAMPP version causes conflicts with other versions.
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password.
    2. The MySQL daemon is accessible via network.
    3. ProFTPD uses the password "lampp" for user "nobody".
    4. PhpMyAdmin is accessible via network.
    5. Examples are accessible via network.
    6. MySQL and Apache running under the same user (nobody).
To fix most of the security weaknesses simply call the following command:
    /opt/lampp/lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
After calling this command your XAMPP installation should be "secure".
For developer's part have no reason what else could be insecure.
See also how can make XAMPP installation more secure at this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
BASICS
Complete list of XAMPP administering actions can be looked calling this command:
    /opt/lampp/lampp
To start XAMPP simply call this command:
    /opt/lampp/lampp start
This command is added into /opt/bootlocal.sh during XAMPP installation.
If got any error messages during start XAMPP please look this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running then just visit this URL:
    http://localhost
To stop XAMPP can simply call this command:
    /opt/lampp/lampp stop
This command is also added into /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/httpd.conf - The Apache configuration file.
/opt/lampp/etc/my.cnf - The MySQL configuration file.
/opt/lampp/etc/php.ini - The PHP configuration file.
/opt/lampp/etc/proftpd.conf - The ProFTPD configuration file.
/opt/lampp/etc/phpmyadmin/config.inc.php - The phpMyAdmin configuration (tinycore).
/opt/lampp/etc/xampp.users - The XAMPP admin password (tinycore).
----
DIRECTORIES
/opt/lampp/bin/ - The XAMPP commands home (symlinked).
/opt/lampp/htdocs/ - The Apache DocumentRoot directory.
/opt/lampp/logs/ - The Apache log directory.
/opt/lampp/tmp/ - The XAMPP temporary directory.
/opt/lampp/var/mysql/ - The MySQL databases directory.
----
INCLUDES
- Apache 2.4.2
- MySQL 5.5.25a
- PHP 5.4.4
- Perl 5.14.2
- ProFTPD 1.3.4a
- phpMyAdmin 3.5.2
- OpenSSL 1.0.1c
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
- APR 1.4.6
- APR-utils 1.4.1
----
CHANGES
- Added APR (1.4.6)
- Added APR-utils (1.4.1)
- Currently disabled mod_perl, because of incompatibility with Apache 2.4
- Currently disabled eAccelerator, because of incompatibility with PHP 5.4.0.
   Thinking about switching to APC...
- phonebook.php ported to SQLite3 since PHP 5.4 dropped support for SQLite2
- New version of Apache (2.4.2)
- New version of MySQL (5.5.25a)
- New version of OpenSSL (1.0.1c)
- New version of Perl (5.14.2)
- New version of PHP (5.4.4)
- Nev version of phpMyAdmin (3.5.2)
- New version of ProFTPD (1.3.4a)
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/05/09 First release. Version 1.8.0-beta2
2012/05/18 Update to version 1.8.0-beta4
2012/06/16 Update to version 1.8.0-beta6
2012/07/21 Update to stable version 1.8.0
Current: 2012/07/21 Update to stable version 1.8.0

[Jason W]

Great, I will upload it tonight.

[AbNoRMiS]

submitted update to version 1.8.1

Code: [Select]

Title: xampp-linux.scm
Description: XAMPP is an easy to install Apache distribution containing MySQL, PHP and Perl.
It is not meant to be used on a production server due to security issues.
Version: 1.8.1
Author: Kai 'Oswald' Seidler <oswald at apachefriends dot org>
Original-site: http://www.apachefriends.org/
Copying-policy: GPL, every single license of the contained products in /opt/lampp/licenses
Size: 93.5M
Extension_by: AbNoRMiS
Tags: XAMPP LAMPP Apache MySQL PHP Perl ProFTPD phpMyAdmin Webaliser eAccelerator SQLite
Comments: ABOUT
The XAMPP distribution for Linux systems contains: Apache, MySQL, PHP & PEAR,
Perl, ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm,
zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl,
FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.
----
REQUIREMENTS
The XAMPP scripts are require Bash.
The XAMPP control panel require Python with PyGTK and Libglade (optional).
----
CONFLICTS
Configuration files of this XAMPP version causes conflicts with other versions.
----
SECURITY
As mentioned before, XAMPP is not meant for production use but only for
developers in a development environment. The way XAMPP is configured is
to be open as possible and allowing the developer anything he/she wants.
For development environments this is great but in a production environment
it could be fatal.
Here a list of missing security in XAMPP:
    1. The MySQL administrator (root) has no password.
    2. The MySQL daemon is accessible via network.
    3. ProFTPD uses the password "lampp" for user "nobody".
    4. PhpMyAdmin is accessible via network.
    5. Examples are accessible via network.
    6. MySQL and Apache running under the same user (nobody).
To fix most of the security weaknesses simply call the following command:
    /opt/lampp/lampp security
It starts a small security check and makes your XAMPP installation quite
secure. For example this protects the XAMPP demo pages by a username
('lampp') and password combination.
After calling this command your XAMPP installation should be "secure".
For developer's part have no idea what else could be insecure.
See also how can make XAMPP installation more secure at this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html#sicherer
----
BASICS
Complete list of XAMPP administering actions can be looked calling this command:
    /opt/lampp/lampp
To start XAMPP simply call this command:
    /opt/lampp/lampp start
This command is added into /opt/bootlocal.sh during XAMPP installation.
If got any error messages during start XAMPP please look this Linux FAQ:
    http://www.apachefriends.org/en/faq-xampp-linux.html
After the Apache and MySQL began running then just visit this URL:
    http://localhost
To stop XAMPP can simply call this command:
    /opt/lampp/lampp stop
This command is also added into /opt/shutdown.sh during XAMPP installation.
----
SETTINGS
/opt/lampp/etc/httpd.conf - The Apache configuration file.
/opt/lampp/etc/my.cnf - The MySQL configuration file.
/opt/lampp/etc/php.ini - The PHP configuration file.
/opt/lampp/etc/proftpd.conf - The ProFTPD configuration file.
/opt/lampp/etc/phpmyadmin/config.inc.php - The phpMyAdmin configuration (tinycore).
/opt/lampp/etc/xampp.users - The XAMPP admin password (tinycore).
----
DIRECTORIES
/opt/lampp/bin/ - The XAMPP commands home.
/opt/lampp/cgi-bin/ - The XAMPP CGI scripts directory.
/opt/lampp/error/ - The HTTP multi-language error messages.
/opt/lampp/htdocs/ - The Apache DocumentRoot directory.
/opt/lampp/logs/ - The Apache log directory.
/opt/lampp/tmp/ - The XAMPP temporary directory.
/opt/lampp/var/mysql/ - The MySQL databases directory.
----
INCLUDES
- Apache 2.4.3
- MySQL 5.5.27
- PHP 5.4.7
- Perl 5.14.2
- ProFTPD 1.3.4a
- phpMyAdmin 3.5.2.2
- OpenSSL 1.0.1c
- GD 2.0.1
- Freetype 2.1.7
- libjpeg 6b
- libpng 1.2.12
- gdbm 1.8.0
- zlib 1.2.3
- expat 1.95.2
- Sablotron 1.0
- libxml 2.7.6
- libxslt 1.1.26
- Ming 0.4.3
- Webalizer 2.21-02
- pdf class 009e
- ncurses 5.7
- mod_perl 2.0.5
- FreeTDS 0.63
- gettext 0.17
- IMAP C-Client 2007e
- OpenLDAP (client) 2.4.21
- mhash library 0.8.18
- mcrypt library 2.5.7
- cURL 7.21.0
- SQLite 2.8.17 (for PHP4 + PHP5)
- SQLite 3.6.16 (for PHP5 PDO SQLite)
- libapreq 2.12
- eAccelerator 0.9.6.1
- FPDF 1.6
- bzip2 (library) 1.0.5
- PBXT 1.0.11-6-pre-ga
- PBMS 0.5.15 (but disabled)
- PBMSlib 0.5.15
- ICU4C Library 4.2.1
- APR 1.4.6
- APR-utils 1.4.1
----
CHANGES
Version 1.8.1
- New version of Apache (2.4.3)
- New version of PHP (5.4.7)
- New version of MySQL (5.5.27)
- New version of phpMyAdmin (3.5.2.2)
Version 1.8.0
- Added APR (1.4.6)
- Added APR-utils (1.4.1)
- Currently disabled mod_perl, because of incompatibility with Apache 2.4
- Currently disabled eAccelerator, because of incompatibility with PHP 5.4.0.
   Thinking about switching to APC...
- phonebook.php ported to SQLite3 since PHP 5.4 dropped support for SQLite2
- New version of Apache (2.4.2)
- New version of MySQL (5.5.25a)
- New version of OpenSSL (1.0.1c)
- New version of Perl (5.14.2)
- New version of PHP (5.4.4)
- New version of phpMyAdmin (3.5.2)
- New version of ProFTPD (1.3.4a)
----
Created for TC 4+
----
PPI Compatible
----
Change-log: 2012/05/09 First release. Version 1.8.0-beta2
2012/05/18 Update to version 1.8.0-beta4
2012/06/16 Update to version 1.8.0-beta6
2012/07/21 Update to stable version 1.8.0
2012/10/13 Update to version 1.8.1
Current: 2012/10/13 Update to version 1.8.1

[Jason W]

Thanks, uploading it now!