Security Mecca

Installing and Securing WAMP Server

Posted in Business, Tutorials, Windows on


Installing WAMP Server 2

1. Start the WampServer 2 setup wizard. Click next.

2. Accept the license agreement.

3. Install to the default directory, hit next.

4. Check Create a deskyop icon if you want and hit next.

5.Hit the Finish button on the next screen and the Wamp installation begins.

6.Browse to the directory of your web browser and select its .exe program extension.

7. Leave the default settings for the mail server and hit next.

8. To finsh the install hit next and allow the program through your lan firewalls. Domain and Private.

10. On the last screen hit Finish and the program will run.

Secure Wamp Server 2

1.  Click the Start button and right-click on Computer, then choose Manage.

2.  In Computer Management expand the tree of Local Users and Groups, and then open the users folder.

3. Create two new users by right-clicking and choosing New User.

4. Name the first user apacheusr and the second one mysqlusr and make sure you give them strong passwords.

5. In Computer Management browse to services in the left pane and locate the services wampapache and wampmysqld on the right pane.

6. Open the properties for each service and then go to the Log On tab. Add each new user you created earlier to the appropriate service.

7. After that stop all the WAMP services by clicking on its icon in the system tray and choose Stop services.

8. Now open a browser and go to http://localhost/myphpadmin and click on the privileges tab. Notice the users highlighted are the ones to edit.

9. Click the edit button next to each user and add a strong password. Make sure you change the dropdown by password to use a text field.

10. Now browse to c:\wamp\apps\phpmyadmin%vesion#%\ and edit the file. As you can see the highlighted code needs to be changed. Highlight and paste in the following:

$cfg['Servers'][$i]['auth_type'] = 'http';

$cfg['Servers'][$i]['user'] = '';

$cfg['Servers'][$i]['password'] = '';

$cfg['Servers'][$i]['AllowNoPassword'] = false;

$cfg['Servers'][$i]['LogoutURL'] = 'http://localhost/';

11. Now editthe httpd.conf file from WAMP as shown below. Once you get it open scroll down just a bit and change Listen 80 to Listen that way it will only listen to the local IP instead of glooming on all addresses.

12. Now browse to c:\wamp\bin\mysql\mysql%version#%\my.ini and open the file to edit. Locate the mysqld section in near the end of the file and append the bind address as shown.


about the author

More about Chris Sobeck:
A founding member of Security Mecca that believes that the best way we can support America's network infrastructure is to generate awareness. Striving to be a future IT Manager for a Fortune 500 corporation, Chris is now studying at Western Michigan University. Chris' specific areas of expertise is IT Consulting and Web Design.

questions or comments?

If you have any questions or comments about this article, feel free to contact us!

talk back! questions/comments, and feedback. keep it polite, please