I need to test a PHP Code. Is XAMPP safe for me to install on my home computer for the same?

743    Asked by AnnaBall in SQL Server , Asked on Jan 11, 2022

 I want to test some PHP code and I figure the best way is to install XAMPP - but I'm nervous about installing server software on my home computer.

Is it generally safe to install XAMPP (given that I haven't done it before and don't have a lot of experience with server security)? What do I need to be aware of? Alternatively, is there a safer way to test PHP code?



Answered by Anil Jha

You asked - Is XAMPP safe, I suggest that there is a safer way to test your code. You can - and arguably ought to - install your server software, whatever that might be (from XAMPP / WAMP in Windows to Ubuntu Server), in a virtual machine. It's not as daunting as it might sound at first, though it may be overkill if all you're doing is developing your own code. A VM effectively sequesters whatever happens to your server (the guest) from propagating to your home computer running the virtual machine (the host). Imagine you have improperly configured permissions and a script you're testing executes a hidden system('rm -Rf some_dir'). No problem! Revert your VM to the latest snapshot and away you go. You could even diff the snapshots to see what changed. Additionally, the network adapter on my VM of choice NATs the VM, forcing you to manually configure port forwarding for the VM to access it, let alone detect that it exists.

Testing in a VM also mitigates the risk of data leakage through malware. Personally, I'm much less worried that an app I'm testing will maliciously delete something than I am that it will silently steal it and upload it somewhere. Your host machine will be invisible to apps running within your VM. I'm personally partial to Oracle's VirtualBox; it's completely free, has enough features to keep me interested and is very simple to use. The VMs are also portable: you can copy the virtual machine file to a USB drive and take it to work. If you're ever going to do risky software testing of any kind, I suggest you learn to use VMs and test in there: it's a very useful skill to have in your tool-belt.



Your Answer

Interviews

Parent Categories