WAMP 64 Bits + Free SSL (Let's Encrypt)

WAMP likes XAMPP, they are free tools packaged Apache, MySQL / Maria DB & PHP together. XAMP also has other services / applications such as FileZilla, Mercury & Tomcat and it also can run on Linux & OS-X. While WAMP just runs on Windows. However for Windows' users, I recommend WAMP because it is designed for Windows only, so it has some advanced features for Windows but XAMPP doesn't have, especially it has Windows 64 bits version while XAMPP has only 32 bits version for Windows.

1. Install

To install Wamp 64 bits, you can download it from wampserver.aviatechno.net. You should install it as Administrator. You also must install all Visual C++ redistributable packages (x86 + x64) (32bits  + 64bits) for running Wamp 64.

After installing & running, if its system tray icon is green, it's ok. Let choose versions for Apache, PHP & MySQL which you want for your websites.

2. Configure auto start up

For live server, you need to configure Apache & MySQL auto start up when the server restarts.

Go to Windows Services, find wampapache64 & wampmysqld64 services then set them Automatic startup.

Next, right click on Wamp tray icon, select Wamp Settings menu >> select Wampserver Homepage at startup.

3. Enable SSL (HTTPS)

The latest Wamp 64 has already included Open SSL built-in, so you don't need to install Open SSL. Below are steps to enable it for Apache:

• Open httpd.conf file, uncomment the following lines:

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

• Open php.ini file, uncomment the following line:

extension=php_openssl.dll

4. Add virtual host for your website

Open httpd-vhosts.conf file and add a virtual host running on HTTP (port 80) for your website, below is an example:

<VirtualHost *:80>
 ServerName mydomain.com
 ServerAlias www.mydomain.com
 DocumentRoot "c:/mywebsites/www.mydomain.com"
 <Directory  "c:/mywebsites/www.mydomain.com/">
  Options Indexes FollowSymLinks
        AllowOverride all
        Order Deny,Allow
        Allow from all
        Require all granted
 </Directory>
 ErrorLog "logs/mydomain.com-error.log"
 CustomLog "logs/mydomain.com-access.log" common
 Alias /.well-known c:/mywebsites/www.mydomain.com/.well-known
</VirtualHost>

In which, .wellknow folder will be used to store a key to challenge with Let's Encrypt server for creating your free SSL certificate in next step.

To check if you made right syntax, open cmd tool, go to Apache bin folder and run:

httpd –t

If the syntax is correct, let restart Apache service, then check your website on a browser. You can read my article "Creating Multiple Virtual Sites on a WAMP Server" for more info on creating virtual hosts.

5. Create free SSL certificate with Let's Encrypt

You can read my article Free SSL Certificate with Let's Encrypt to know about Let's Encrypt and tools to create free SSL certificate. In this post, I will show you how to do this with letsencrypt-win-simple tool.

Download latest letsencrypt-win-simple tool from its release page. Unpack it into a folder, for example: C:\letsencrypt-win-simple. Open cmd tool as Administrator, cd to this folder and run letsencrypt.exe, its interface will show as below:

Key N then key 4, it will ask you enter host names (domain names) as the following screen:

Let key your domain name, for example: www.mydomain.com, then it will require you enter the root folder containing your website, for example: c:\mywebsites\www.mydomain.com. After that, the tool will do a process to create a key in the folder c:\mywebsites\www.mydomain.com\.well-known\acme-challenge, then challenge with letsencrypt.org to authorize and create certificates. These certificates are in the folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org. We will use them to create virtual host running on port 443 (HTTPS).

On finishing, the tool will ask you to create a scheduled task running on 9 am every day to renew your certificate automatically when it is used 60 days (30 days before expiry), see the following picture. With this scheduled task, you can sleep well :)

6. Add virtual host HTTPS for your website

Now you are ready to up & run your HTTPS website, let create a virtual host running on port 443 with SSL certificates for it, see the following example:

<VirtualHost *:443>
 ServerName mydomain.com
 ServerAlias www.mydomain.com
 DocumentRoot "c:/mywebsites/www.mydomain.com"
 <Directory  "c:/mywebsites/www.mydomain.com/">
  Options Indexes FollowSymLinks
        AllowOverride all
        Order Deny,Allow
        Allow from all
        Require all granted
 </Directory>
 ErrorLog "logs/mydomain.com-error.log"
 CustomLog "logs/mydomain.com-access.log" common

 SSLEngine on
    SSLCertificateFile "C:/ProgramData/letsencrypt-win-simple/httpsacme-v01.api.letsencrypt.org/www.mydomain.com-crt.pem"
    SSLCertificateKeyFile "C:/ProgramData/letsencrypt-win-simple/httpsacme-v01.api.letsencrypt.org/www.mydomain.com-key.pem"
    SSLCertificateChainFile "C:/ProgramData/letsencrypt-win-simple/httpsacme-v01.api.letsencrypt.org/ca-<hex code>-crt.pem"
</VirtualHost>

Restart Apache service then check https://www.mydomain.com on a browser (for example Chrome). If it has the symbol https with green, it's ok. Congratulation!

7. Make some securities for Wamp 

Remember to restart Wamp's services after configuration 😃

7.1 Hide server info to prevent bad guys mining it

Open httpd-default.conf file, find & change parameters the following:

ServerSignature Off
ServerTokens Prod

7.2 Make sure  directories / files outside of the document root (website) are not allowed to access

Open httpd.conf file, check if the content of directory tag is like the following:

<Directory />
     Order Deny,Allow
     Deny from all
     Options None
     AllowOverride None
</Directory>

or

<Directory />
     AllowOverride none
     Require all denied
</Directory>

7.3 Reduce time out to prevent DoS attacks

Open httpd-default.conf file, find & set the following parameter:

TimeOut 60

You can set it less than, for example 30.

7.4 Set password for MySQL

• Left click Wamp's system tray icon.
• Select MySQL > MySQL console menu.
• Press Enter on the console opened.
• Key SET PASSWORD FOR root@localhost=PASSWORD('your_password'); (change your_password to your private password). They press Enter.

7.5 Change permissions for folders in your website

Normally, I prefer to set all folders in my website to allow Read & Execute permission only except some folders having Write permission. To check what user runs Apache, let open Windows Task Manager and click Details tab, and see in User name column:

It often is SYSTEM user. To remove Write permission, right click on your web root folder >> select Properties menu >> click Security tab >> click Edit button >> select SYSTEM user >> on Write permission row, untick on Allow column, tick Deny column:

If you cannot edit on Allow column, back to your web root folder >> select Properties menu >> click Security tab >> click Advanced button >> click Disable inheritance button on SYSTEM user having Full control access inheriting from parent folder. Then you can edit in above step.

For folders which you need to write (upload), just enable Write permission for SYSTEM user on those folders.

That's all for tonight. Bye and see you next post. Any comment is welcome!

Good night!

Fix wamp httpd msvcr100.dll not found

Download MS VC++ redistributable package:
https://www.microsoft.com/en-us/download/details.aspx?id=5555

Move mysql service of wamp

1. Copy all content of old mysql folder to new mysql folder.
2. In new mysql folder, open file my.ini and replace all old folder to new folder (except log-error variable)
3. To change executable path of wampmysqld service, run regedit in START >> RUN, then go to:

HKEY_LOCAL_MACHINE >> SYSTEM >> CurrentControlSet >> Services >> wampmysqld >> ImagePath
Change it to new folder.
4. Open wampmanager.ini and replace all old mysql folder to new folder.

Creating Multiple Virtual Sites on a WAMP Server

 When developing multiple sites, it is helpful to have a copy of each site running on your local computer.  With Apache it is fairly easy to configure multiple sites under one install.  This article outlines the basic steps for configuring Apache's "Named Virtual Hosts" feature under WAMP Server on Windows XP.

Step 1: Tell your machine to answer to different names.

By default, Windows will answer to the name "localhost" for browser requests originating on the same machine (yours). If you have WAMP Server running, you can browse to http://localhost and see your WAMP site.  We can make Windows answer to multiple names by editing a file called "hosts" located in your /windows/system32 folder.  Browse to:

"C:\windows\system32\drivers\etc"

Once there, you should see a file titled "hosts".  Open that file with a text editor like notepad or Komodo Edit.  You may have to change the open dialog to "all files" in order to see it.  You should see a line that looks like this:

127.0.0.1        localhost

That tells Windows that the name "localhost" points to the machine who's IP address is 127.0.0.1, which is a standard address for "this machine".  We can multiple entries for 127.0.0.1, and your browser will then associate all of them with your local computer. In our case, let's create one called "client1.localhost".  Add a line to the hosts file so it looks like this:

127.0.0.1        localhost
127.0.0.1        client1.localhost

You can add as many entries as you like and your browser should display your WAMP Server site for all of them.  Save your hosts file and try visiting http://client1.localhost" in your browser.  You should see your WAMP site.
Note: Do not create hosts entries for external sites.  This can cause hours of frustration and needless troubleshooting.  For example, if you added this line:

# Don't do this.
127.0.0.1        google.com

You would no longer be able to access google.com, because it is now associated with your local computer.  The request never reaches the Internet. The same applies to client domains.  For this reason, stick to something identifiable as local, like "google.localhost".

Step 2: Create a Client Site Folder

We need multiple site root folders to house multiple sites. Currently WAMP Server only has one site root, which typically lives at "C:\wamp\www".  Let's create another one at "C:\wamp\client2".  Navigate to "C:\wamp", and click "File -> New -> Folder".  Rename your new folder to "client2".
Create a test file called "index.html" in "C:\wamp\client2":

<html>
<head>
<title>Hello?</title> 
</head> 
<body>
Hello from Client 2! 
</body>
</html> 

Step 3: Tell Apache to Serve Multiple Sites by Name

WAMP configures Apache to serve a single site that usually lives in "C:\wamp\www".  Apache can handle multiple sites if we tell it where to look.  To open your WAMP Server Apache configuration, left-click the WAMP Server icon and select "Apache -> httpd.conf".  The file should open in notepad.
Look for a line like this:

Listen 80

This tells Apache to listen for browser requests on port 80.
Change it to this:

Listen *:80 

This tells Apache to listen to port 80 of any address.
At the end of httpd.conf, add this:

# Tells Apache to identify which site by name
NameVirtualHost *:80
# Tells Apache to serve the default WAMP Server page to "localhost"
<VirtualHost *:80>
ServerName localhost
DocumentRoot "C:/wamp/www"
</VirtualHost> 
# Tells Apache to serve Client 1's pages to "client1.localhost"
# Duplicate and modify this block to add another client
<VirtualHost *:80>
# The name to respond to
ServerName client1.localhost
# Folder where the files live
DocumentRoot "C:/wamp/client1"
# A few helpful settings...
<Directory "C:/wamp/client1">
allow from all
order allow,deny
# Enables .htaccess files for this site
AllowOverride All
</Directory>
# Apache will look for these two files, in this order, if no file is specified in the URL
DirectoryIndex index.html index.php
</VirtualHost> 

Step 4: Restart Apache and Test

Left-Click your WAMP Server tray icon and select "Restart All Services". Browse to http://client1.localhost and you should see your new site.