Saturday, 12 November 2016

How to host your website using Wamp server

So you want host your own website, well you found the right post. If you have a spare Windows machine and some time, I will show you how to host your own website using WAMP server from your home or office. In this post I will show you the steps I took to configure WAMP.
 to start my web server and host my own website for testing and personal projects.
You may have one or several reasons why you would want to host your own website, perhaps you want to:

  • host a small personal blog.
  • host a portfolio site.
  • host your resume.
  • test a web application.
  • or just simply learn how to setup your own web server, of course.


The steps required are as followes

INSTALL WAMPSERVER 2.5


I have a separate post on how to do this if you need help with this step. Simply download wamp server from WampServer and take the defaults. Once it is installed you will notice the green light on the wamp icon on your system tray.

If the icon is red or orange, you have a conflict with another application. In my case, most of the time I encounter this issue is if IIS is running on the machine. You can check what service is using port 80 if you want to confirm this. Go to  Apache –> Service –> Test Port 80 and see which service is using port 80. If IIS is using the port, you will want to disable the following service: IIS Admin Service and World Wide Web Publishing Service.

You can check out my post on trouble shooting  the orange status light in WAMP Server
 for additional help with the orange status light.

Set WAMP Server to run on automatic


Configure the ‘Startup Type’ under Window services to automatic for both wampapache and wampmysql services.Now you will want to make wampmanager.exe start when Windows starts. So in case you re-start your server, or it re-starts itself due to Windows updates, power surges, or other unpredictable cause, your are covered.
Check out my post on Configuring WAMP  Server on Windows for WordPress local developmentfor further details on how to do this step.

Configure Windows Firewall to allow wampmanager, port 80 and 443


Port 80 and 443 must be allow for both TCP and UDP packets. To do this, create 2 inbound rules for TPC and UDP on Windows Firewall for port 80 and 443.
Also, allow wampmanager.exe found in the wamp installation folder, in my case that is C:\wamp.

Set the MySQL root password


This is a very important step. I suggest making a strong password with upper and lower case letters and numbers, throw in a couples of symbols too. There are a few ways to do this, one is by going to the MySQL console and typing the appropriate commands, another way is via the GUI (graphical user interface) using SQL Buddy or PHPMyAdmin. Go to my post on how-to-set-the-mysql-root-password-in-localhost-using-wamp how to set the Root password for MySQL
 for steps by steps instructions on how to do this.

Configure PHPMyAdmin


Configure phpMyAdmin to require a password. Open the config.inc.php file found in C:\wamp\apps\phpmyadmin[version#] and edit the following:

On the following lines..

$cfg['Servers'][$i]['auth_type'] = 'config';

Change ‘config’ to ‘http’.

$cfg['Servers'][$i]['user'] = 'root';

Delete user root and just leave the quotation marks empty, like so = ‘ ‘;

$cfg['Servers'][$i]['AllowNoPassword'] = true;

Change true to false.

Create a Log Out URL by adding the following line..

$cfg['Servers'][$i]['LogoutURL'] = 'http://your-external-ip-address/';

Now, if you have a static IP, you should be ok entering it here. But in case you do not, like most of us, then you will want to enter the domain you plan on using for your website (recommended).

Save your file and go to C:\localhost\phpmyadmin – You should be prompted for a user name and password now.

Configure Apache


Now we need to make Apache listen to port 80 on our host machine. For this, open your httpd.conf file found under C:\wamp\bin\apache\apache[version#]\conf and edit the following lines:

Listen 0.0.0.0:80
ServerName localhost:80

Change it to..

Listen youripaddress:80
ServerName youipaddress

where youipaddress is equal to the local ip address of your web server.

Find <Directory “c:/wamp/www/”> and enter:

Order Allow,Deny
Allow from all

right before </Directory>

Save the file.

Configure PHPMyAdmin Alias file


This will allow us to access PHPMyAdmin from the web. Open phpmyadmin.conf found in C:\wamp\alias and edit the following line:

Require local

and replace it with..

Require all granted

Save the file. You should now be able to access the site via http://youripaddress and PHPMyAdmin via http://youripaddress/phpmyadmin

Enhancing Security


Please note that WAMP Server is commonly used for local development, and not as a hosting platform for production as it is inherently un-secure. However, you can take some measures to secure it like the ones I am going to suggest here.

Here are a few things to check for: Open your httpd-default.conf file found under C:\wamp\bin\apache\apache[version#]\conf\extra and make sure you set the following parameters..

ServerTokens Prod

This directive configures what WAMP returns as the Server HTTP response, setting it to prod returns the least info.

ServerSignature Off

This will stop Apache from broadcasting the server signature, which includes server version and virtual host name and other possibly sensitive information.

TimeOut 60

This will help prevent DoS attacks. It should be 60 by default but check just in case.

Re-start all services if you haven’t been doing so by clicking on ‘Restart all services‘.

You are almost done, next step is to remove the files in the www folder. You can delete them or move them to another folder outside "www"
You can now place your website files in here.

For additional security, I suggest placing an index file in the root and any sub directory of your website.

Adding an htaccess file with an unauthorized directory browsing rule would be ideal. You can drop this line in the .htaccess file:

#to disable directory browsing

Options All -Indexes

and place it in your root (www) and that should take care of things. To create an .htacces file in Windows check out this post from Stackoverflow
Also, check out Perishablepress htaccess tricks page for some cool things you can do with htaccess files to greatly enhance your websites security.
I wrote this tutorial based on my own experience with WAMP and what I have learned from others on the internet. I am not a security expert so if you have any suggestions on how to further secure WAMP or you have some best practices please feel free to let me know in the comments below.

Forward web traffic to your web server’s IP.


If you are reading this, I am going to assume you are somewhat familiar with port forwarding . But if you need help, just type ‘port forwarding’ in Google and you will get many sites that will show you how to forward a port. Basically, you want to forward any web traffic on port 80 to your machines local IP address. If you plan on using ssl, you may also want to forward port 443. On my router, it looks something like this:


Put WAMP Server online


The last step is to put WAMP server online.

You did it!  Now sit back, enjoy some tea and watch your web server do what its meant to do, serve your web pages to the world!

Hopefully this will help you in your current and future web projects. If you have any questions about this setup please leave me a comment below and I will be happy to help.

Thank you for stopping by.

0 comments:

Post a Comment