A short salutation is an act of politeness. Even if the internet is an virtual area, there is always a human being behind the screen. A polite beginning helps to get polite answers too. Please keep that in mind if you start a new thread. Thank you.
rvanherp wrote:from time to time I came across people that did
did not recommend using xampp as production webserver... (Motivation, "Not secure enough")
from time to time?
rvanherp wrote:Well, yes I had some security issues but don't see the need to change.
If this is really your considered opinion you shouldn't administrate any webserver in insecure environments like the internet.
rvanherp wrote:Today someone advised me to look into "Suhosin" to make xampp more secure.
Since PHP 5.3 many of the suhosin improvements are already compiled in PHP. Did that "someone" told you exactly which security issues you can solve with suhosin?
rvanherp wrote:Well I did and it sounds good, but I'm not someone that will be able to get it to work on my own.
Again one reason for not administrate a live webserver in the internet.
Two things you (and that mysterious someone) should know:
- Suhosin does not have any precompiled Windows binaries, so you have to compile it from source by yourself
- Suhosin does not yet have a version compatible with PHP 5.4
All in all your request here is far away from being supported with XAMPP, because it is not made for insecure environments.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~free software according to purpose of usageXAMPP 1.8
for local development/testing onlyZend Server 6 (free)
for production environments
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~It's like porn for programmers