When you learn, or develop for, web browser-based technologies, such as HTML, CSS, or Javascript, a couple of things are true: first, you don’t need anything beyond a web browser and a text editor; and second, your learning curve usually happens on your machine. No one else sees your hideous progeny until you’re happy with it, or at least are ready for criticism.
But if you’re learning or designing for or developing any of the newer server-based technologies, such as (to pick two wholly at random) WordPress (ProfHacker on WordPress) or Omeka (ProfHacker on Omeka), things are a little different. First, the software’s server-based, so you need a webserver. (Blogging pro tip: always start with the low-hanging fruit!) And since most people don’t have servers set up on their machines, it feels as though all the learning takes place in public. That can be intimidating. Maybe you want to use Omeka for a genuinely private collection, and you aren’t comfortable having it be online at all.
Or maybe you have a blog, and you want to try a new plugin (or write one!) or theme. Only the foolhardy install new plugins–especially ones that change the reader or author experience of a site–on a live setup. Any plugin can seem innocuous, but until you’ve seen it interact with your content, and with the other plugins you’ve installed, you’re taking a risk.
What you need is a development machine: a computer, such as the desktop or laptop you already use, that has a web server installed locally. Once you have that, you can install WordPress or Omeka or what-have-you, and experiment away with it, all from the privacy of your own hard drive. You can mirror your online content on your local server, and make sure you thoroughly understand the consequences of installing the IHeartMalware plugin.
What you need, in short, is XAMPP, a cross-platform (Windows, OS X, Linux) distribution of open-source technologies that makes setting up your own production server trivially easy. (X = cross-platform; A = Apache server software ; M = MySQL ; P = PHP ; P = Perl.) How easy is XAMPP to use? This easy:
There are, basically, four steps to using XAMPP:
- Go to the XAMPP page of the Apachefriends website.
- Click on the link for your operating system and download the distribution package.
- Install the software exactly the same way you install anything else from the internet: Double-click the distribution package and let the installer do its thing.
- Launch XAMPP.
There are a variety of screencasts on YouTube of people installing XAMPP–here’s one about installing, and here’s one about fiddling with the configuration.
Once you have XAMPP installed, it’s super-easy to install WordPress or Omeka. (Here’s a two-parter on WordPress–part 1, part 2, with a bonus 3rd video about mirroring your online blog to the local one. The Omeka folks have a lovely screencast about installation in general. The only issue I had with Omeka was that the folders needed to have their permissions changed, as detailed here in the 4th bullet point under “unsuccessful installation.” ) As Julie has already mentioned, XAMPP can fit on a USB stick, which lets you walk around with the installation to all the different computers or classrooms that you use.
All of which is just to say that while the thought, “I need to set up a local web server so that I can learn about WordPress and Omeka” might sound intimidating or just time-consuming, in fact you’re probably about 7 minutes away from getting it done.
How did you set up your development environment? Or, what’s keeping you from setting one up?
(As the tweet makes clear, I learned about XAMPP’s ease-of-use from former ProfHacker Julie Meloni.)
Image by Flickr user raneko / Creative Commons licensed
Follow Profhacker through your favorite RSS reader: 
10 Responses to Make Your Computer a Web Server or Development Machine in Under 10 Minutes
garysomers - December 2, 2010 at 4:06 pm
Do you prefer XAMPP to MAMP?
quacker - December 2, 2010 at 9:50 pm
A word of caution: Before you fire up that local Web server, be sure you know how to harden the host computer and the Web server software against attacks. You should take steps like removing default accounts/passwords, implementing a host-based firewall, and restricting incoming connection requests to a set of trusted client systems. Few things are more dangerous on a campus network than an unpatched, freely accessible, Internet-facing, web server. URL obscurity is not enought to prevent miscreants from connecting to your local Web server within minutes of it going live and exploiting whatever vulnerabilities are present.
infogoon - December 3, 2010 at 7:49 am
@quacker – Thanks for posting that; it’s exactly what I was going to say. A lot of these “appliance” sort of server packages don’t autoupdate properly or at all, so there’s always a risk of exploitation in the future even if the machine is set up properly now. If there is a mailing list for users of the package, join it just to watch for security alerts.
Also, you might want to mention to your IT or Information Security people that you’ve decided to run a web server. Many of us scan the network periodically for new servers, and it’s entirely possible that yours could be misidentified as a malware infestation or other hostile software.
emmadw - December 3, 2010 at 8:45 am
Or put it on a USB stick – then you have it in your pocket all the time (and tends to interfere less with networked computers – at least at our place that’s the case!)
(THe main drawback is that if you have access to both Windows & Mac, as far as I knwo, you can’t have one USB stick set up to work on both [though you can have the same USB stick with both installs on, as it were])
drjeff - December 3, 2010 at 11:06 am
emmadw: you seem to have two misconceptions:
1- It’s NOT safe if you have it on a USB stick. If you ever leave the thing plugged in for 20 minutes at a time, you have probably already been hacked. And you’ll bring the hack with you to the next computer you stick it into. USB sticks are now a very common virus spreading vector.
2- To make a combination PC & Mac USB stick, you need about half of the second installation. It’s not even hard (okay, maybe 20-30 minutes for your friend who knows about these things) to install the Mac version onto the USB from a Mac, then do the same from a PC (or the reverse). Then you delete one of the “html” areas (which contains your WordPress, Omeka, Drupal or Joomla install), with all your plug-ins and templates and whatever other files make your thing work; you only need 1 copy of that; and make its web server “point” to the other “html” area. Then you do the same with the MySQL database: delete one copy of the database, and make its MySQL installation “point” to the other database. Then, you’ll have 2 copies of Apache, MySQL and PHP (none of which you will ever mess with except to update), and one copy of everything you will mess with (the database and HTML area), and whatever computer you stick it into will work just fine. Actually, I’m a little surprised no-one has a pre-built USB stick image to support PC, Mac and Linux “out of the box” yet: then that would be 7 minutes away, too.
drjeff - December 3, 2010 at 11:15 am
The safe, easy way to operate your own web server?
In your home, behind your home router, where it’s impossible for anyone to access it from the Internet. It doesn’t even have an accessible IP address, and no-one has any way to know it’s there, unless you get some other malware on that same machine through web browsing or something. I highly recommend using a separate PC that you don’t use for ANYTHING else as your web server, which should keep such malware off of it. The peace of mind is worth it. Plus, you can use the oldest, slowest PC you have lying around because you didn’t want to get rid of a working machine. I have a Pentium that came with Windows 95 that works fine.
george_h_williams - December 3, 2010 at 11:20 am
I don’t think @emmadw was suggesting that putting it on a USB stick would make it more secure, just (possibly) more convenient.
Security is, of course, a concern. To make sure your XAMPP installation is secure, you can read one of the many online instructions for doing so, or just run your installation offline, or (perhaps best of all) talk to the IT people on your campus if you’ll be running the installation there.
As Jason’s post above reads, if you’ve got experience with successfully running your own development environment, please share with us some of the details. If you’ve run into obstacles when trying to run your own development environment, you could describe what those obstacles are so that someone here might suggest ways of surmounting them. However, an extended debate about the best ways to make sure your installation is secure isn’t really what this post is aiming to generate.
quacker - December 3, 2010 at 4:41 pm
George, with all due respect, I perceived the point of the article to be that anyone can stand up a web server to use for development and testing purposes, and that one need not be intimidated by the prospect. While I don’t disagree with that viewpoint, I also don’t believe it’s as trivial as Jason implies. Security and privacy risks MUST be addressed and most Web server distributions are not sufficiently hardened in their default configurations. The newbie to web server administration needs to get the technical assistance (or do the research) required to mitigate the initial and ongoing risks in his or her particular situation. I don’t think responders are debating the “best ways” to secure one’s installation as much as pointing out optional approaches to risk mitigation that one might want to consider.
jason_b_jones - December 3, 2010 at 11:54 pm
Would just say quickly that, obviously, I agree with quacker: The thought behind the post is to establish a webserver that doesn’t face the web. XAMPP (as well as a couple of the videos) addresses this a little bit.
Also, as usual, there is more to come, but there’s also the implicit idea that once you get your feet wet a little, then you start to make things like updating a habit.
george_h_williams - December 6, 2010 at 11:57 am
Point taken, @quaker. Mea culpa.