Security concerns for WAMP as a development environment - wamp

I would like to install WAMP on our computers so that we can do offline WordPress development, but the IT department has a few security concerns that I'm hoping you could help address.
They fear that an outside hacker could take control of the server via the internet. Can this concern be addressed when the intention is only to use WAMP for local (offline) development, although the computers are connected to the internet?
They fear that a user can leave WAMP running in the background also when other users log in. Can WAMP stay running when the Windows user logs out? If yes, can this be prevented?

Related

Is there anything I should be doing to protect my security when opening a port?

I'm new to this, so I apologize if my question is a little too simplistic or I don't have the correct understanding. I can't find anything in the Django guide and I'm not sure if the general port information is the same considering what I'm doing with Django.
I'm running a Django runserver on '0.0.0.0:8000', which allows me to access the server remotely on another device in the same household.
Is there anything I should be doing to help protect from outside attacks as the port is open?
I believe I read that although this won't grant access to the device running the server, it can leave it vulnerable to issues. But there shouldn't be any sensitive data being transmitted as it's been used to enter data into a database.
Assuming that you have not performed any port forwarding from the internet to the device that you are running your Django server on, you are safe. It will only expose the Django web service, and realistically, locally in your house, hopefully you don't have anyone out to get you.
If you only want to be able to access your Django development server locally, you can change the command to:
python3 manage.py runserver 127.0.0.1:8000
No one will be able to access it unless they are coming from the same machine.
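The difference between the two bind addresses discussed above can be checked on the machine itself by reading the local address of each listening socket; the same check applies to the Apache and MySQL listeners of a WAMP install. The following is an added example, not code from the original posts: the `netstat -ano` output is constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in `netstat -ano` (Windows) layout; not captured from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:3306         0.0.0.0:0              LISTENING       5120
  TCP    192.168.1.20:8000      0.0.0.0:0              LISTENING       7001
  TCP    192.168.1.20:52011     203.0.113.5:443        ESTABLISHED     888
  TCP    [::]:80                [::]:0                 LISTENING       4312
  TCP    [::1]:8000             [::]:0                 LISTENING       7001
"""

def bind_scope(host):
    """Classify a bind address: 'loopback', 'all-interfaces' or 'one-interface'."""
    host = host.strip("[]")
    if host == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "one-interface"

def listeners(netstat_text):
    """Yield (host, port, scope) for each TCP socket in a listening state."""
    for line in netstat_text.splitlines():
        tokens = line.split()
        if not tokens or not tokens[0].lower().startswith("tcp"):
            continue
        if not {"LISTEN", "LISTENING"} & set(tokens):
            continue
        # Local address is the first host:port token (Linux netstat puts queue sizes before it).
        local = next((t for t in tokens[1:] if ":" in t), None)
        if local is None:
            continue
        host, _, port = local.rpartition(":")
        try:
            yield host.strip("[]"), int(port), bind_scope(host)
        except ValueError:
            continue  # unparseable address or port: skip rather than guess

def network_reachable(netstat_text):
    """Listeners that other machines can connect to, firewall permitting."""
    return [(h, p) for h, p, scope in listeners(netstat_text) if scope != "loopback"]

if __name__ == "__main__":
    for host, port, scope in listeners(SAMPLE):
        print(f"{host:>15}:{port:<5} {scope}")
```

Anything reported as `all-interfaces` or `one-interface` is reachable from the LAN unless the host firewall blocks it; only `loopback` listeners are limited to the same machine.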

Vulnerabilities: Plesk vs cPanel

As a web hosting reseller I have a question: Plesk or cPanel?
I mean, which is more secure? With fewer hack vulnerabilities? Some people tell me Plesk is more secure and with cPanel you have a lot of security breaches.
Thank you.
I can tell you about Plesk, which is focused on security and provides a lot of solutions, such as ModSecurity, Fail2Ban, Security Advisor, out of the box to prevent your server, websites, mail, etc. from hacking.
Also, Plesk has an extension catalog with security extensions to secure your server and its services more.
The WordPress Toolkit, which is available in Plesk, allows you to secure WordPress installations.
The Let's Encrypt extension will allow you to install free SSL certificates on your websites.
With the help of Package Update Manager, Plesk makes sure that all the latest OS updates are installed.
Try Plesk for free and check it on your own.
I'm sure you were hoping to hear more than just from people that work for the companies involved, but I can similarly answer for cPanel.
cPanel is incredibly secure out of the box, and comes with the backing of a massive community of plugin developers and integrators, but we also allow administrators to make their own decisions about their configuration. The drawback for that is that some administrators make their server less secure, without fully understanding the consequences.
If you have any questions at all about cPanel, please do let me know, or you can try it for free. Any new cPanel server that's built is automatically issued a trial license, so you can try it for free for 15 days.
Both cPanel and Plesk have their pro(s) and con(s). While I like cPanel more (probably because I had the chance to use it more), there are some really nice default features in Plesk that make it, let's say, more attractive. One of them would be installing nginx and being able to run it as a standalone server for specific sites and not as a reverse proxy for Apache. The same behaviour can be achieved on cPanel servers with the nginxcp plugin (which is not free but the price is decent $5/month).
Both cPanel and Plesk have mod_security, firewalls and a ton of other features. If you ask me, cPanel is more user friendly for the regular user while Plesk seems to be a little bit complicated sometimes. Another big difference will be that cPanel can be only installed on CentOS systems while Plesk can be installed on CentOS, Debian etc. If you ask me, I was preferring cPanel since it was running really smooth with CloudLinux and configuring it properly resulted in a really secure server. As far as I know CloudLinux works on Plesk too now so...
It's really hard to say which one of them is more secure. It all depends on how you configure them both. I would say to try them both (both offer free trial licenses for a limited amount of time: cPanel 15 days, Plesk 30 days if I'm not wrong) and see which one you like best.
Oh, last but not least, cPanel staff provides really high tech support (which is included with the license). I think they are way ahead of Plesk at providing support for their customers (at least from my experience).

WAMP servers... why just for web development

What is to stop you using a WAMP server (or similar) to run single-user business database applications day-to-day?
I read everywhere that WAMP and the like are intended for the development of web apps, but why can't they be used to deploy desktop apps - what're the downsides?
Personally I think WAMP/MAMP/LAMP are great applications that CAN be used for production servers.
I have started doing this myself as I do not have the complete knowledge in server administration on the Linux end and my PHP applications are not compatible with IIS.
If you are a small operation, then it should save you time, so go for it.
If your business grows and you can afford to put on staff to manage dedicated servers with Apache, PHP etc. all installed separately, then I also recommend this.
The main difference I can see is that WAMP probably won't be as scalable as the preferred setup. The binaries are all integrated and sometimes I have had issues trying to figure out which php.ini file the system is using.
WAMP is just as secure as any other server as long as you know how to do so. It provides a UI layer which costs CPU time, but like I said, if you are only serving small web sites/apps then this should be just fine.
My other recommendation is to install it on a Server (Windows 2008 R2 or 2012). Windows servers are more reliable and powerful than the Windows User version. Just remember to turn off IIS and any other roles not used by the Windows Server.
Make sure you have your WAMP folder backed up regularly!
Good luck
I haven't found one yet. I guess the speed won't be as good as a 'pure' setup, but it sounds like that isn't an issue.
I run an epos web app for a photo studio no problem at all!
WAMP usually stands for Windows, Apache, MySQL, PHP or whatever your particular choice for P is. It describes a stack meant specifically for deploying/developing web applications and is a rough equivalent to LAMP. Most things that would be considered desktop applications wouldn't use a webserver and more than likely would not be written in PHP.
The issue is not so much one of downsides as it is Apples and Oranges: Desktop applications are usually built with a less web centric stack.
Actually, I used WAMP for many purposes; I used it with VB.NET apps, PHP, etc., but I think if you want to use it for deployment, you should start by configuring it to do so.
For example: deactivating error display for PHP in php.ini, starting to listen on all (allow all) in httpd.conf, activating safe mode, setting a password for MySQL, and many other options that have to be configured.
I personally prefer it because it is a quick and lightweight tool.

Remote Web server connection issue

I have set up a server for our Django web application so that everyone in our LAN can access it. I have installed Ubuntu 12.04 with Apache version 2.2.22 and mod_python version 3.3.1. On some of our systems in the LAN, the server is not accessible through the URL or through SSH, while on some others it is accessible sometimes. As we are connecting remotely to the system, this is causing a lot of problems. Kindly help me in solving this issue.
Thanks in advance.
This type of question is super hard to answer because the possibilities are almost endless. However, from what you're saying, if some machines CAN access the server and SOME can't, the problem is related to networking, and not the server software (or Django).
Though it could be related to either if you have some weird access rules setup that you're not mentioning in your response.
So, a few things to verify:
Can the machines which cannot access the application via HTTP ping the server they reside on by its IP address? If they can't, you have a networking issue. Could be a routing problem, could be a firewall issue.
To see if it's a routing problem, do a traceroute from one of the machines that cannot access your server, and see what happens. Did the traceroute stop at a particular router on your network? Well, then that's probably an issue.
To see if it's a firewall issue, try changing the IP address of one of the machines that can't access the server to one of the machines who can. Did it work? OK, you have a firewall problem.

Development server & production server

What is the right way to handle a production and development website on the same server? The development code shouldn't be available until it's used for production.
I'm using Apache and Django and VPS hosting.
What should I configure? Apache- so it will have a special prefix for development stuff, Django- and have some URL mangling in the urlconf, or just get another VPS for development?
Find an old computer and stick it in your basement. You really don't need tons of horsepower for a dev machine & should be able to do it for a couple hundred bucks.
The problem with developing on a production machine is that you could crash processes [apache?] with some 'not quite debugged yet' code and affect live services, even if you have configured separate subdomains or virtual hosts.
never never never develop live.
-sean
PS> another VPS is a workable solution if 'spare hardware' is not available. However you could have availability issues.