为什么XAMPP不适合生产? [英] Why is XAMPP not suited for production?
问题描述
我已经在Windows 2008 R2上运行XAMPP多年了,我只使用Apache,MySql和FileZilla.我进行了许多自定义调整,并将其升级为服务器时间.我已经解决了我能够找到的所有安全问题.作为服务运行,只要Windows Server启动,服务器就永远不会关闭.他们是令人难以置信的稳定.为什么人们在地上告诉我我不应该这样做?我在这里看到的所有Q或A都没有涉及细节,大多数问题通常以不推荐"结尾,在XAMPP网站上这样说是不好的".我知道您不应该立即使用XAMPP进行生产,因为它不安全.但是已经更改了所有root用户,使用https/certificate代替了普通的http,在脚本中使用了特权受限的MySQL用户,在php MySQL查询中使用了准备好的语句(PDO或mysqli),捕获了异常,处理了错误,保护了文件夹和php编程的精髓,我看不到为什么我不能继续使用XAMPP进行生产.我从来没有遇到任何麻烦.我已经解决了安全不是主要问题的看法,必须要解决其他问题.也许拥有数百万用户的大型网站的可伸缩性或可管理性(我不是这种情况)?请告诉我,但前提是您知道您在说什么!
I have been running XAMPP on Windows 2008 R2 for many years now, I'm only using Apache, MySql and FileZilla. I have made many custom adjustments and upgraded it serveral times. I have addressed all the security issues I have been able to find. Running as services, the servers are never down as long as Windows Server is up. They are incredible stable. Why on earth do people tell me I should not do this? None of the Q or A's I have seen here deals with the specifics, most of them ends up in typically "it's not recommended", "it's says so on the XAMPP web site, therefore it's bad". I understand that you shouldn't use XAMPP out of the box for production because it is not secure. But having changed all root users, using https/certificate instead of plain http, using MySQL users with limited privileges in my scripts, using prepared statements (either PDO or mysqli) in php MySQL queries, catching exeptions, handling errors, protecting file folders and the nitty gritty of php programming I cannot see why I can't continue to use XAMPP for production. I have NEVER experienced ANY trouble. I have settled with the perception that security is not the main problem, there must be something else. Maybe scalability or manageability of large websites with millions of users (which is not my case)? Please tell me, but only if know what you are talking about!
我在其他地方有个值得注意的评论:
I got a noteworthy comment elsewhere:
除了开发和精品之外,它无所不能 使用.基于意见的评论告诉您为什么交流倾向于 与XAMPP一起工作的人开始回答这类问题 和WAMP曾经到过那里并没有留下深刻的印象,但是没有 麻烦收集经验数据来支持他们的观点.
It's just not meant to do anything more than development and boutique use. And the opinion based comments tell you why the exchanges tend to kick these kind of questions off as people who've worked with XAMPP and WAMP kind of have been there and weren't impressed, but didn't bother to gather empiric data to back up their opinion.
这是一个公平的评论,也可能是我将获得的最佳答案,但我可以接受.这是探索我的软件的新计算机体系结构的绝佳线索.
This is a fair comment, and it might also be THE best answer I will ever get, but it I can live with that. It is great cue for exploring new computer architectures for my software.
推荐答案
就像您自己说的那样,这完全是关于安全性和即开即用的内容,XAMPP非常不安全.除此之外,我看不到任何真正的缺点. XAMPP中的软件通常在稳定,安全的商业系统中使用.配置XAMPP使其足够安全以用于生产时需要花费一些知识和时间(这就是人们不断告诉您不要这样做的原因),但是由于您似乎已经了解了它,因此不应问题.
Like you say yourself, it's all about security and out-of-the-box, XAMPP is pretty insecure. Apart from that there are no real drawbacks that I can see. The software in XAMPP is regularly used in stable, secure, commercial systems. It takes a bit of knowledge and time to configure XAMPP to become secure enough for production use (and this is the reason why people keep telling you not to do it), but since it looks like you've got it covered there should be no problem.
这篇关于为什么XAMPP不适合生产?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
