Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: LAMP for Wordpress safe on home computer?

  1. #1
    Join Date
    Jul 2012
    Beans
    48

    LAMP for Wordpress safe on home computer?

    I would like to learn Wordpress for building websites. LAMP installs Apache, Mysql and php servers. Is this safe to use from a home computer? I won't be hosting websites at home, only building them.

  2. #2
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: LAMP for Wordpress safe on home computer?

    If your home router is like most people's it will not forward connections to your desktop unless you specifically configure it to do so.

    If you are really worried, you can use UFW or GUFW to block incomming connnections to ports 80 and 443 (http and https) from everywhere except the localhost. That works then only if you are sitting at the same machine that the LAMP stack is installed on.

    The short answer is, yes, it's probably safe enough.

  3. #3
    Join Date
    Mar 2008
    Beans
    115

    Re: LAMP for Wordpress safe on home computer?

    If you worry then install a virtualbox with a LAMP system inside.
    Being a target means being on the internet. End of line.
    Takedown blog (hungarian)

  4. #4
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: LAMP for Wordpress safe on home computer?

    Quote Originally Posted by sh4d0w808 View Post
    If you worry then install a virtualbox with a LAMP system inside.
    That won't make it any more secure. It just makes it easier to clean up. For learning it might be better to take advantage of VM snapshots. But for security, there's no advantage. In fact there is an extra layer in which things might go wrong and be exploitable.

  5. #5
    Join Date
    Mar 2008
    Beans
    115

    Re: LAMP for Wordpress safe on home computer?

    Quote Originally Posted by Lars Noodén View Post
    That won't make it any more secure. It just makes it easier to clean up. For learning it might be better to take advantage of VM snapshots. But for security, there's no advantage. In fact there is an extra layer in which things might go wrong and be exploitable.
    Don't agree. If you set up your VM to communicate only with your host OS, then you cannot get attack from there, so the LAMP is secure and not lowering your host system's security (except vulnerabilities in VB of course).
    Being a target means being on the internet. End of line.
    Takedown blog (hungarian)

  6. #6
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: LAMP for Wordpress safe on home computer?

    That's still about the same as restricting access to localhost for non-VM'd services. That kind of access control is something you have to learn any way. VMs do add another layer where something can break or otherwise go wrong. They also add a fair amount of processing and memory overhead, so system resources are just going to waste there. Though on the plus side you have snapshots which make random messing around much safer and more convenient. So from a learning perspective VMs are ok, but for security virtualization is nothing noteworthy.

  7. #7
    Join Date
    Mar 2008
    Beans
    115

    Re: LAMP for Wordpress safe on home computer?

    Quote Originally Posted by Lars Noodén View Post
    That's still about the same as restricting access to localhost for non-VM'd services. That kind of access control is something you have to learn any way. VMs do add another layer where something can break or otherwise go wrong. They also add a fair amount of processing and memory overhead, so system resources are just going to waste there. Though on the plus side you have snapshots which make random messing around much safer and more convenient. So from a learning perspective VMs are ok, but for security virtualization is nothing noteworthy.
    Thanks for the link, I will check that.
    Being a target means being on the internet. End of line.
    Takedown blog (hungarian)

  8. #8
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: LAMP for Wordpress safe on home computer?

    Quote Originally Posted by Lars Noodén View Post
    That's still about the same as restricting access to localhost for non-VM'd services. That kind of access control is something you have to learn any way. VMs do add another layer where something can break or otherwise go wrong. They also add a fair amount of processing and memory overhead, so system resources are just going to waste there. Though on the plus side you have snapshots which make random messing around much safer and more convenient. So from a learning perspective VMs are ok, but for security virtualization is nothing noteworthy.
    Good link. I run VMs when I am testing stuff and as more of a separation of services type thing if I am running a publicly accessible service. It won't be any more secure than a physical box, which is why it helps to learn about security services and (especially) web applications instead of leaving it as a free-for-all on the VM and just wiping it when it gets owned.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  9. #9
    Join Date
    Jul 2012
    Beans
    48

    Re: LAMP for Wordpress safe on home computer?

    Thanks for all the replies! The Wordpress installation walkthroughs I found all set it up with localhost. I can't block all incoming connections to 80 and 443 because then I'd block all web browsing so I guess I will rely on the router to filter connections. This computer is 5 years old, I don't know how well it will run visualization.

    If I set Wordpress to localhost, would it be useful still to follow guides to secure apache, mysql and php?

  10. #10
    Join Date
    Sep 2006
    Beans
    8,627
    Distro
    Ubuntu 14.04 Trusty Tahr

    incomming vs outgoing

    Your browsing connects to port 80 and 443 on the remote server, not your machine. On your own machine some high port will be outgoing. Surf a little and then check with netstat. It's a little more readable if you widen the terminal window a little first.

    Code:
    netstat -ntp | less
    So you can safely block 80 and 443 incoming.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •