No doubt that Laragon, is far more flexible, better and more feature-rich than xampp, but both of them are meant for the local development environment and not for serving actual websites, on your VPS you should take other path and configure everything from its own packages and the do the hardening yourself.
Posts made by DonMcCoy
RE: Hows the security?
RE: 504 Gateway Time-out Error when Enabling Php Extension opcache
Hi, 504 can mean anything, without the logs we won't be able to help, please post your Nginx error logs and php-error logs.
RE: Always run cmder as admin
@AnthonyFuller This has nothing to do with laragon, you should do it from Cmder, go to settings -> Startup then choose the "Specified named task" to be "Cmder as admin" this way Cmder will always start as admin whenever it's invoked from Laragon.
RE: [Tutorial] How to add your favourite editor to Laragon and the Windows Right-Click Menu
@johncarter Yes this is exactly the problem, there is no way, to tell Laragon what the default editor is.
I hope that @leokhoa will add such an option in the future versions.
But for now, just delete the whole notepad++ directory from /bin if you have declared other editor.
RE: Laragon HTTPS Certs from a CA
You're so welcome, and many thanks for the effort in creating it, I would've gladly made these changes myself if Laragon was open source, It would be awesome if you consider open sourcing it, being purely for the community and beating by far the other proprietary software.
Laragon HTTPS Certs from a CA
I have a feature request regarding how Laragon handles the creation of the certificates for apache/nginx SSL, as I've already saw, that Laragon re-issues the certificate for each newly created domain as an extra DNS name, that's good so far, then Laragon will add this certificate to windows Certificate trust store, here arises the problem when using Firefox, Firefox newly don't trust certificates from Windows Cert Store, and it needed to be enabled manually from about:config by setting the flag "security.enterprise_roots.enabled" to true, and this sadly still somehow buggy.
Chrome, however, handles this properly as it always read from the Windows cert store at first, then all Laragon links will be trusted without a warning.
So from that perspective, wouldn't it make more sense if Larargon creates its own CA, add it to the windows trust store, this way we leverage the addition of new certificate every time to windows, and Firefox can trust this once and forever for future certs created from Laragon.
What do you think?
RE: Auto-generated SSL certificates not working
For future readers, I had the same problem, It's somehow related to having both apache and nginx with SSL enabled, when i start Nginx it won't create the cert nor the conf in /etc/ssl, then when i started apache which was listening on non 80/443 ports, it created the cert and i was able to start nginx after that.