I've established an Apache 2.0 server on my laptop that I want to use to test new features of my website before I make them public.

I'm nervous about security and random attacks and just want to feel assured knowing that no one can access my Apache server remotely.

I'm running Windows XP and have Windows firewall protection enabled. Is that enough? What types of changes do I need to makes to the "conf/httpd" configuration or other files in the Apache directory?

Basically, what settings do I need to enable to restrict all remote access to the localhost Apache server on my computer?

I've been running google searches for the past hour of "apache secure windows" and variations but I havent found anything that works. Any help is appreciated.

if you wanna apache on windows just select the apache for windows version
i suggested you just install apache in linux.
it's safer than on windows if you just wanna asp and access supported
then you just install the iis but not apache. i think

I known some people who are running Apache 2.0 and PHP to test websites. The only change that needs to be made is:

Under Global Environment find the section labelled 'LISTEN'. Change the line after the comments to:


Save the httpd.conf file and restart Apache, then find out what your IP address is and type it into your web browser. If you see the Apache Has Installed Sucessfully or your site then you need to change something else. If you get a Server Cannot Be Found or other error then you are safe from the outside world! I would also suggest getting a strong commercial firewall and some port monitoring software to make sure no-one is trying to break in.

If you can still access your computer from the web then try searching for a tutorial on running Apache locally only or running Apache as an Intranet.