My development machine has apache, mySql..etc. installed and its on a work network. All good, but what if one of my coworkers decided to scan the network, get my ip and try to connect to it? Well, if nothing is done, the browser will show my localhost directory, which is bad.
What i needed: to block all access to my apache server from anywhere but this machine. Its pretty simple. (we could do this with an .htaccess file on the root, or even an empty/redirect/whatever index file, but the apache way is fun.
Depending on your server package of choice (but obviously with apache), find where httpd.conf is, open it and do this (on XAMPP, its on [your_install_dir]\apache\conf\):
– Change (this is the default)
and a little below you will see something like “Order deny,allow”..etc., mine is like this:
Deny from all
Allow from 127.0.0.1
Which basically blocks everything and allows only what you need.
Restart your apache service and give it a try. It should only open from your machine and no one on the network should be able to see your server.
http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html – And all else relating to Apache is nice also.