HTML, XHTML and CSS All-In-One for Dummies - Andy Harris [325]
Testing your XAMPP configuration
Ensure that Apache and MySQL are running, and then open your Web browser. Set the address to http://localhost, and you see a screen like the one shown in Figure 1-2.
Figure 1-2: The XAMPP main page.
This page indicates that XAMPP is installed and working. Feel free to experiment with the various items in the Demos section. Even though you may not know yet what they do, you should know what some of their capabilities are.
Adding your own files
Of course, the point of having a Web server is to put your own files in it. Use your file management tool to find the XAMPP directory in your file system. Right under the XAMPP directory is the htdocs folder, the primary Web directory. Apache serves only files that are in this directory or under it. (That way, you don’t have to worry about your love letters being distributed over the Internet.)
All the files you want Apache to serve must be in htdocs or in a subdirectory of it.
When you specified http://localhost as the address in your browser, you were telling the browser to look on your local machine in the main htdocs directory. You didn’t specify a particular file to load. If Apache isn’t given a filename and it sees the file named index.html or index.php, it displays that file, instead. So, in the default htdocs directory, the index.php program is immediately being called. Although this program displays the XAMPP welcome page, you don’t usually want that to happen.
Rename index.php to index.php.old or something similar. It’s still there if you want it, but now there’s no index page, and Apache simply gives you a list of files and folders in the current directory. Figure 1-3 shows my localhost directory as I see it through the browser.
Figure 1-3: After disabling index.php, I can see a list of files and directories.
You typically don’t want users to see this ugly index in a production server, but I prefer it in a development environment so that I can see exactly what’s on my server. After everything is ready to go, I put together index.html or index.php pages to generate more professional directories.
Generally, you want to have subdirectories to all your main projects. I added a few others for my own use, including xfd, which contains all the code for this book.
If you want to display the XAMPP welcome screen after you remove the index.php program, simply point your browser to http://localhost/xampp.
Setting the security level
When you have a Web server and a data server running, you create some major security holes. You should take a few precautions to ensure that you’re reasonably safe:
♦ Treat your server only as a local asset. Don’t run a home installation of Apache as a production server. Use it only for testing purposes. Use a remote host for the actual deployment of your files. It’s prepared for all the security headaches.
♦ Run a firewall. You should run, at an absolute minimum, the Windows firewall that comes with all recent versions of Windows (or the equivalent for your OS). You might also consider an open-source or commercial firewall. Block incoming access to all ports by default and open them only when needed. There’s no real need to allow incoming access to your Web server. You only need to run it in localhost mode.
The ports XAMPP uses for various tools are listed on the security screen shown in Figure 1-4.
♦ Run basic security checks. The XAMPP package has a handy security screen. Figure 1-4 shows the essential security measures. I’ve already adjusted my security level, so you’ll probably have a few more “red lights” than I do. Click the security link at the bottom of the page for some easy-to-use security utilities.
Figure 1-4: The XAMPP Security panel shows a few weaknesses.
♦ Change the MySQL root password. If you haven’t already done so, use the security link to change the MySQL root password, as shown in Figure 1-5. (I show an alternative way to change the password in Book VI,