Apache to only listen on localhost

By | 14 May, 2013

My development machine has apache, mySql..etc. installed and its on a work network. All good, but what if one of my coworkers decided to scan the network, get my ip and try to connect to it? Well, if nothing is done, the browser will show my localhost directory, which is bad.

What i needed: to block all access to my apache server from anywhere but this machine. Its pretty simple. (we could do this with an .htaccess file on the root, or even an empty/redirect/whatever index file, but the apache way is fun.

Depending on your server package of choice (but obviously with apache), find where httpd.conf is, open it and do this (on XAMPP, its on [your_install_dir]\apache\conf\):

– Change (this is the default)

Listen 80



– Find

<Directory “[your_install_dir]”>

and a little below you will see something like “Order deny,allow”..etc., mine is like this:

Order deny,allow
Deny from all
Allow from

Which basically blocks everything and allows only what you need.

Restart your apache service and give it a try. It should only open from your machine and no one on the network should be able to see your server.

Good reads:

http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html – And all else relating to Apache is nice also.