Is it safe to install Xampp to learn Security and Penetration testing using DVWA?

2018-06-05 08:23:27

I have heard Xampp is not safe and has a lot of security loopholes. What steps need to be taken to close the loopholes? Is it better if I use a VM instead?

I new to Security Testing and want to learn using DVWA. Kindly provide some feedback...

Is it safe(r) to install Xampp to learn Security and Penetration testing using DVWA?

You can make it safe by:

Configure Apache and MySQL to listen only on 127.0.0.1.

Apache

Edit the file C:\xampp\apache\conf\httpd.conf and change Listen 80 to Listen 127.0.0.1:80

MySQL

Edit the file C:\xampp\mysql\bin\my.ini and make sure that the bind-address is set to 127.0.0.1

Configure the firewall to block TCP port 80

Use the Windows firewall to block incoming requests to TCP port 80.

  • Is it safe(r) to install Xampp to learn Security and Penetration testing using DVWA?

    You can make it safe by:

    Configure Apache and MySQL to listen only on 127.0.0.1.

    Apache

    Edit the file C:\xampp\apache\conf\httpd.conf and change Listen 80 to Listen 127.0.0.1:80

    MySQL

    Edit the file C:\xampp\mysql\bin\my.ini and make sure that the bind-address is set to 127.0.0.1

    Configure the firewall to block TCP port 80

    Use the Windows firewall to block incoming requests to TCP port 80.

    2018-06-05 09:01:11