Thursday, October 17, 2013

Fixing "New XAMPP security concept" and "Port already in use" Errors With Apache

Now that im at college and have a decent internet connection, I wanted to try some cloud style music access. And by "style" I mean running my own server from my desktop with all my media and accessing it from my school issued laptop so i don't have to carry around all the music. I first tried Orb which basically installs a program on your computer and creates a database of your media and when you use their website to remote access it their servers contact your computer and stream the media to the remote computer. There are two problems with this: Orb is shutting down soon because it was bought out and media stream was in shitty quality. I then started to look for open source options that dint require a man-in-the-middle server to stream the media (aka i wanted a direct pipeline). I found the perfect choice: Ampache. Its based off of Apache (a basic, but powerful web server) and MySQL. I liked all of its features except that you have to do some server tinkering and i have had little experience, but it was actually quite easy because Apache and MySQL have been put into an installer package called XAMPP which makes it really easy to setup. There are step by step instructions here. Quick note: when installing XAMPP you only need Apache and MySQL for Ampache to work.



New XAMPP security concept

Anyways, on to the issues. When you have the install all done you can easily access it from localhost:80 in your web browser, but opening the ports (80, 443, and 3306 as seen in XAMPP control panel) and trying your_external_ip_address:80 will throw an error about a "New XAMPP security concept" that only LAN has access. to fix this you have do the following
1. Go to the XAMPP Control Panel
2. Click Config next to Apache and select Apache (httpd-xampp.conf)
3. Look for the following heading:

# New XAMPP security concept

4. Underneath you'll see something like the following:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16

ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

5. Change it to this (where YOUR_EXTERNAL_IP_ADDRESS is something like xx.xx.xxx.xxx):
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16  YOUR_EXTERNAL_IP_ADDRESS/8 \
fe80::/10 169.254.0.0/16

ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

6. That allows you to connect via your browser anywhere in the world using YOUR_EXTERNAL_IP_ADDRESS:80 Also, if you get sent to the XAMPP panel when you go to
YOUR_EXTERNAL_IP_ADDRESS:80
just use this instead:
YOUR_EXTERNAL_IP_ADDRESS:80/ampache


Port In Use

I figured I might as well put another issue I had with the install in this post too: "Port already in use". That is referring to the second port Apache uses and when you click Start under Apache it'll say error port xxx already in use. This is because Skype and Apache both use port 443 and if you start Skype first, Apache wont work and vise versa. If this is gonna be a more professionally used server it might be better to keep Apache ports to 80 and 443 and change Skype's port just so people looking at your server setup are like WTF haha. Anyways... I chose to change Apaches ports to 81 and 442 respectively.
1. Go to the XAMPP Control Panel
2. Select Config, hhtpd.conf next to Apache
3. Replace all the "80"'s with "81"'s. Instances are
Listen 80
ServerName localhost:80

4. Go back to the Control Panel and select Config>httpd-ssl.conf
5. Replace all the "443"'s with "442"'s. Instances are
Listen 443
<VirtualHost _default_:443>
ServerName www.example.com:443

6. Restart your server and there you have your server on different ports. But now when accessing you must type localhost:81, 127.0.0.1:81, or external_ip:81 for example otherwise you wont be able to connect.

No comments:

Post a Comment