XAMPP for Linux

Last updated on
30 September 2016

The distribution for Linux systems (tested for SuSE, RedHat, Mandrake and Debian) contains: Apache, MySQL, PHP & PEAR, Perl,ProFTPD, phpMyAdmin, OpenSSL, GD, Freetype2, libjpeg, libpng, gdbm, zlib, expat, Sablotron, libxml, Ming, Webalizer, pdf class, ncurses, mod_perl, FreeTDS, gettext, mcrypt, mhash, eAccelerator, SQLite and IMAP C-Client.

Installing XAMPP in Debian

Download XAMPP Latest version from the following link


At the time of writing this article XAMPP version is 1.5.3a

#wget http://kent.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz

Now you should be having xampp-linux-1.5.3a.tar.gz file in your downloaded location

Go to a Linux shell and login as root:

$su -

Extract the downloaded archive file to /opt

tar xvfz xampp-linux-1.5.3a.tar.gz -C /opt

XAMPP is now installed below the /opt/lampp directory.

Start XAMPP Server

To start XAMPP simply call this command:

/opt/lampp/lampp start

Starting XAMPP for Linux 1.5.3a...
XAMPP: Starting Apache with SSL (and PHP5)...
XAMPP: Starting MySQL...
XAMPP: Starting ProFTPD...
XAMPP for Linux started.

Test Your XAMPP Installation

OK, that was easy but how can you check that everything really works? Just type in the following URL at your favourite web browser:


Stopping XAMPP

To stop XAMPP simply call this command:

/opt/lampp/lampp stop

XAMPP Security Configuration

As mentioned before, XAMPP is not meant for production use but only for developers in a development environment. The way XAMPP is configured is to be open as possible and allowing the developer anything he/she wants. For development environments this is great but in a production environment it could be fatal.

Here a list of missing security in XAMPP:

  • The MySQL administrator (root) has no password.
  • The MySQL daemon is accessible via network.
  • ProFTPD uses the password "lampp" for user "nobody".
  • PhpMyAdmin is accessible via network.
  • Examples are accessible via network.
  • MySQL and Apache running under the same user (nobody).

To fix most of the security weaknesses simply call the following command:

/opt/lampp/lampp security

It starts a small security check and makes your XAMPP installation more secure.

Start And Stop Server Services

start - Starts XAMPP.

stop - Stops XAMPP.

restart - Stops and starts XAMPP.

startapache - Starts only the Apache.

startssl - Starts the Apache SSL support. This command activates the SSL support permanently, e.g. if you restarts XAMPP in the future SSL will stay activated.

startmysql - Starts only the MySQL database.

startftp - Starts the ProFTPD server. Via FTP you can upload files for your web server (user "nobody", password "lampp"). This command activates the ProFTPD permanently, e.g. if you restarts XAMPP in the future FTP will stay activated.

stopapache - Stops the Apache.

stopssl - Stops the Apache SSL support. This command deactivates the SSL support permanently, e.g. if you restarts XAMPP in the future SSL will stay deactivated.

stopmysql - Stops the MySQL database.

stopftp - Stops the ProFTPD server. This command deactivates the ProFTPD permanently, e.g. if you restarts XAMPP in the future FTP will stay deactivated.

security - Starts a small security check programm.

For example: To start Apache with SSL support simply type in the following command (as root):

/opt/lampp/lampp startssl

You can also access your Apache server via SSL under https://localhost.

Important Configuration Files And Directories

/opt/lampp/htdocs/ - The Apache DocumentRoot directory.

/opt/lampp/etc/- Configuration files.

/opt/lampp/phpmyadmin/config.inc.php - The phpMyAdmin configuration file.

If you want to configure apache2 you have to use /opt/lampp/etc/httpd.conf. (If you want to change Apache DocumentRoot directory you can change it in this file.) If you want to configure name based and ip based virtual hosts check here

Uninstall XAMPP From your Machine

To uninstall XAMPP just type in this command

rm -rf /opt/lampp