{"id":51196187,"url":"https://github.com/wpexpertinbd/bhserve","last_synced_at":"2026-06-27T21:00:56.216Z","repository":{"id":367114065,"uuid":"1279219425","full_name":"wpexpertinbd/BHServe","owner":"wpexpertinbd","description":"A free, self-controlled local web-server for macOS (PHP/nginx/Apache/MariaDB/Redis/Node) — your own ServBay/Herd/Laragon alternative. By BiswasHost.","archived":false,"fork":false,"pushed_at":"2026-06-24T15:36:56.000Z","size":912,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-06-24T17:10:16.443Z","etag":null,"topics":["apache","homebrew","local-development","macos","mariadb","nginx","php","servbay-alternative","swiftui","web-server"],"latest_commit_sha":null,"homepage":null,"language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wpexpertinbd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"docs/ROADMAP.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-24T13:36:17.000Z","updated_at":"2026-06-24T15:35:13.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/wpexpertinbd/BHServe","commit_stats":null,"previous_names":["wpexpertinbd/bhserve"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/wpexpertinbd/BHServe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wpexpertinbd%2FBHServe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wpexpertinbd%2FBHServe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wpexpertinbd%2FBHServe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wpexpertinbd%2FBHServe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wpexpertinbd","download_url":"https://codeload.github.com/wpexpertinbd/BHServe/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wpexpertinbd%2FBHServe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34867616,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-27T02:00:06.362Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache","homebrew","local-development","macos","mariadb","nginx","php","servbay-alternative","swiftui","web-server"],"created_at":"2026-06-27T21:00:34.001Z","updated_at":"2026-06-27T21:00:56.206Z","avatar_url":"https://github.com/wpexpertinbd.png","language":"Swift","funding_links":[],"categories":[],"sub_categories":[],"readme":"# BHServe — your own free local web server\n\nA native, self-controlled local development stack by **BiswasHost** — a free alternative\nto ServBay / Herd / Laragon. Multiple PHP versions, nginx + Apache, MySQL/MariaDB/PostgreSQL,\nRedis, Memcached, phpMyAdmin/Adminer/Mailpit and Node.js — with automatic `*.test` domains,\ntrusted local HTTPS, one-click WordPress sites, managed Node apps, and public sharing via\nCloudflare Tunnel. 100% open-source.\n\n**Available for:**\n\n| Platform | Status |\n|----------|--------|\n| 🍎 **macOS** | ✅ **Stable** — native menu-bar app (Apple Silicon + Intel) |\n| 🪟 **Windows** | ✅ **Stable** — native WinUI app (Windows 10/11) |\n| 🐧 **Linux** | 🚧 **Coming soon** |\n\n\u003e 🟢 Runs the author's daily dev work — WordPress, OpenCart, WHMCS, Blesta, Laravel, Next.js.\n\n---\n\n## ✨ Features (all platforms)\n\n- **Multiple PHP versions** — 7.4 and 8.1 → 8.6, **per site**, each with its own pool.\n  ionCube + the common extensions for WordPress / OpenCart / WHMCS / Blesta are enabled.\n- **nginx _and_ Apache** — pick per site. Apache mode gives full **`.htaccess`** support\n  (nginx → Apache reverse proxy); nginx is the fast default.\n- **Databases** — MariaDB / MySQL + PostgreSQL. Create/drop databases, set passwords, all\n  from the GUI. (Default login is **root with no password** — see below.)\n- **Caching** — Redis + Memcached.\n- **Web tools** — **phpMyAdmin · Adminer · Mailpit**, each with a one-click on/off\n  (phpMyAdmin allows **uploads up to 2 GB**).\n- **Trusted HTTPS** — one click issues a locally-trusted certificate (mkcert) for any site.\n  No browser warnings.\n- **Automatic `*.test` domains** — every site is reachable at `name.test`.\n- **Site types when you add a site:**\n  - **WordPress** — creates the database, downloads the latest WordPress, pre-fills `wp-config.php`.\n  - **PHP** — creates a database named after the site.\n  - **Others** — just the domain (static / your own app), no database.\n  - **Node app** — run a **frontend (e.g. Next.js) + optional backend/API (e.g. Laravel)**;\n    BHServe supervises both and reverse-proxies them at your domain. Manage start/stop/restart,\n    edit `.env`, run `npm install`, all from the app.\n  - **Python app** — run a **Flask / Django / FastAPI / Gunicorn / Uvicorn** app; BHServe creates a\n    virtualenv, supervises the process, and reverse-proxies it at your domain. Start/stop/restart and\n    `pip install` from the app.\n- **Per-site custom root folder** — default folder, or point a site at any folder on disk.\n- **Node.js** — multiple versions via `fnm`. **Python** — managed interpreter for Python apps.\n- **Share a site publicly** — one-click **Cloudflare Tunnel** gives a temporary public\n  `https://…trycloudflare.com` URL. No account, no port-forwarding.\n- **Live dashboard** — CPU / RAM / disk / network + per-service status cards.\n- **Tray / menu-bar resident** — starts your services at login and sits quietly in the\n  **menu bar** (macOS) / **system tray** (Windows). Open the dashboard whenever you want.\n- **In-app auto-updater** — Settings ▸ Updates.\n\n*(The engine differs per OS — Homebrew on macOS, portable downloads on Windows — but the app,\nthe features, and your sites work the same everywhere.)*\n\n---\n\n## ⬇️ Download \u0026 Install\n\nGrab the latest build for your OS from the\n[**Releases**](https://github.com/wpexpertinbd/BHServe/releases) page.\n\n\u003e BHServe owns ports **80/443** and the `*.test` domain — quit any other local stack\n\u003e (ServBay / Herd / Laragon / XAMPP) before first run.\n\n### 🍎 macOS\n\nDownload **`BHServe-x.y.z.pkg`** (installer) or **`.dmg`** (drag to Applications).\n\n**⚠️ First launch — \"unidentified developer\" / \"damaged\" (read this):** BHServe is free and\nopen-source but **not notarized by Apple** (that needs a paid Apple Developer account), so\nmacOS shows a one-time warning the **first** time you open it. You only do this **once**:\n\n- **`.pkg`:** if macOS says *\"unidentified developer\"* → **right-click the `.pkg` → Open → Open**.\n- **`.dmg`:** drag **BHServe** to Applications and open it. If it says *\"can't be opened…\"*\n  or *\"is damaged\"* → **System Settings → Privacy \u0026 Security**, scroll down to\n  *\"BHServe was blocked…\"* → **Open Anyway** → **Open**. *(Older macOS: right-click → Open → Open.)*\n\nThe \"damaged\"/\"can't be checked\" message is just the download-quarantine flag on an\nun-notarized app — nothing is actually wrong. After the first launch, **Settings ▸ Updates**\nhandles future versions.\n\n### 🪟 Windows\n\n1. **Download and run `BHServe-Setup-x.x.x.exe`.**\n2. It's **unsigned**, so Windows SmartScreen shows *\"Windows protected your PC\"* →\n   click **More info → Run anyway**. (One-time; signing certs are costly — the code is all here.)\n3. Finish the installer and launch BHServe.\n\n**🛡️ Recommended FIRST — add an antivirus folder exclusion (do this *before* installing).**\nBHServe is unsigned and downloads server binaries (PHP, nginx, MariaDB, redis, memcached…), so\nsome antivirus engines false-positive and quarantine them — sometimes *after* a clean install\n(on the next scan), which silently breaks things. Excluding BHServe's two folders avoids this\nentirely, and you can **leave your antivirus on**. Add **both**:\n\n```\nC:\\Program Files\\BHServe\n```\n```\nC:\\Users\\\u003cyour-user\u003e\\AppData\\Local\\BHServe\n```\n\nThe first is the app + CLI; the second is BHServe's data dir (config, downloaded server binaries,\nyour site vhosts, certs). Replace `\u003cyour-user\u003e` with your Windows username.\n\nHow to add a **folder exclusion** in common antivirus:\n\n- **Windows Security (Defender):** Virus \u0026 threat protection → **Manage settings** → Exclusions →\n  **Add or remove exclusions** → **Add an exclusion → Folder** → pick each folder above.\n- **ESET** (NOD32 / Internet Security): Advanced setup (**F5**) → **Detection engine → Exclusions →\n  Performance exclusions → Edit → Add**, and enter each folder path (e.g. `C:\\Program Files\\BHServe`).\n  (For on-execute blocks also check **HIPS / Detection engine → Real-time file system protection**.)\n- **Avast / AVG:** Menu → Settings → **General → Exceptions → Add exception** → paste each folder.\n- **Bitdefender:** Protection → Antivirus → **Settings → Manage exceptions → Add an exception** → folder.\n- **Kaspersky:** Settings → **Security settings → Exclusions / trusted apps → Manage exclusions → Add**.\n- **Malwarebytes:** Settings → **Allow list → Add → Allow a file or folder** → pick each folder.\n- **Other AVs:** look for **Exclusions / Exceptions / Allow list / Trusted folders** and add the two\n  paths above.\n\n\u003e ⚠️ An exclusion tells your antivirus to skip those folders — only do this because you trust\n\u003e BHServe (the full source is in this repo). If you ever uninstall BHServe, remove the exclusions.\n\nIf BHServe was already installed and a server won't start (its binary got quarantined), add the\nexclusions above, **restore** the quarantined file from your antivirus, then reinstall that service\n(Services tab) or relaunch BHServe.\n\n**🚫 \"An Application Control policy has blocked this file\" / \"we can't confirm who published\nBHServe.App.exe\"** — this is **Smart App Control** (a Windows 11 feature), not a virus. It blocks\n**unsigned** apps it doesn't recognize. Two cases:\n\n- **SmartScreen** (*\"Windows protected your PC\"*, blue dialog) — click **More info → Run anyway**.\n  You can also right-click the downloaded `BHServe-Setup-x.x.x.exe` → **Properties** → tick\n  **Unblock** → **OK**, then run it.\n- **Smart App Control** (the *\"Application Control policy has blocked this file\"* error) — unlike\n  SmartScreen, SAC has **no per-app \"allow\"**. To run an unsigned app you have to turn it off:\n  **Settings → Privacy \u0026 security → Windows Security → App \u0026 browser control → Smart App Control\n  settings → Off**.\n  \u003e ⚠️ **This is a one-way change** — once Smart App Control is **Off**, it can only be turned back\n  \u003e **On** by resetting/reinstalling Windows. It's a security trade-off; only do it if you understand\n  \u003e that. If you'd rather not, wait for a signed build.\n\n\u003e **Why this happens:** BHServe is currently **unsigned** (code-signing certificates are an ongoing\n\u003e cost). Each new release is a fresh unsigned file with no reputation yet, so SmartScreen/Smart App\n\u003e Control can flag it. A signed build (planned) removes this entirely.\n\n### 🐧 Linux\n\n🚧 **Coming soon.** (The engine is largely portable; the GTK app + packaging are in\nprogress — see `docs/LINUX-PORT.md`.)\n\n---\n\n## ✅ Before you start — install \u0026 turn these on\n\nBefore adding a site, install these from the **Services** tab (the first run usually installs\nthe core set for you) and make sure each shows **running / active**, or just click **Start All**:\n\n| Service | Why | Needed for |\n|---------|-----|-----------|\n| **nginx** | the web server | every site |\n| **PHP** (≥ one version, e.g. 8.4) | runs your PHP code | every PHP/WordPress site |\n| **MariaDB / MySQL** | the database | WordPress + any DB-backed site *(skip for static \"Others\")* |\n| **DNS** (dnsmasq) | makes `*.test` resolve | every site *(macOS — Windows handles this via the hosts file automatically)* |\n| **mkcert** *(optional)* | trusted local HTTPS | only if you want `https://` |\n\n\u003e If a site shows **\"This site can't be reached\" / `DNS_PROBE_FINISHED_NXDOMAIN`**, the **DNS**\n\u003e service isn't running — open **Services** and **Start dnsmasq** (it asks for admin once). If you\n\u003e see **502 Bad Gateway**, the site's **PHP version or nginx** isn't running — start them.\n\n---\n\n## 🚀 Quick start\n\n1. **Add a site** — Sites ▸ **+**. Enter a name (e.g. `myshop`), pick the **type**\n   (WordPress / PHP / Others / **Node app**), PHP version, and web server.\n2. Open **`http://myshop.test`** in your browser.\n3. Want HTTPS? The site's **\"…\"** menu ▸ **Enable HTTPS** (trusted, no warnings) → `https://myshop.test`.\n4. Building WordPress? Pick **WordPress** → BHServe downloads WP, creates the DB, and pre-fills\n   the config. Just finish the title + admin step in the browser.\n\nEach site row has quick actions: open in browser, open folder, view logs, start/stop, share\npublicly, a **\"…\"** menu (change PHP / root folder / switch nginx↔Apache / enable HTTPS / delete),\nand — for Node apps — start/stop/restart, edit `.env`, and `npm install`.\n\n---\n\n## 📦 Moving sites from XAMPP / Local / Laragon / ServBay / Herd\n\nAlready have sites in another local stack? Bringing them into BHServe is three steps — copy the\nfiles, import the database, point the app at BHServe — and works the same on macOS and Windows.\nSee the **[Migration guide → `docs/MIGRATING.md`](docs/MIGRATING.md)** for per-stack file\nlocations, database export/import, WordPress URL search-replace, and troubleshooting.\n\n---\n\n## 🗄️ Databases \u0026 phpMyAdmin — important for new users\n\nFor convenience on a local machine, **all databases use the `root` user with _no password_**\n(blank). Nothing is reachable from outside your machine (see Security), so this is safe.\n\n| Setting   | Value                          |\n|-----------|--------------------------------|\n| Host      | `localhost` (or `127.0.0.1`)   |\n| Port      | `3306`                         |\n| User      | `root`                         |\n| Password  | *(leave blank — no password)*  |\n\n- **phpMyAdmin** (`http://phpmyadmin.test`) / **Adminer** (`http://adminer.test`): log in as\n  **`root`** with an **empty password**. WordPress and other sites BHServe sets up are already wired this way.\n- Open these from the **Web tools** card — each has an on/off switch.\n- **Want a password?** Set one anytime in **Databases ▸ Root password** (then update your app configs to match).\n\n---\n\n## 🌍 Share a site publicly (Cloudflare Tunnel)\n\nEach site has a **Share** button → BHServe starts a **Cloudflare quick tunnel** and gives you a\ntemporary public **`https://…trycloudflare.com`** URL to send a client or open on your phone.\nNo Cloudflare account, no router config. **Stop sharing** when done. (cloudflared installs on first use.)\n\n---\n\n## 🔒 Security\n\nBHServe is a **local development** tool, hardened accordingly:\n\n- **Loopback-only:** nginx, Apache, MySQL, Mailpit, and your Node apps listen on **`127.0.0.1`**\n  — your sites, phpMyAdmin/Adminer, and Mailpit are **never exposed to your network**.\n- **DBs use `root` / no password by design** — safe because nothing is reachable off this machine.\n- Site / DB / log names are validated (no path traversal or config injection); DB inputs are\n  SQL-escaped; passwords pass via environment, never on the command line.\n- Privileged steps are minimal and explicit — binding `:80/:443` and `*.test` DNS (macOS sudo /\n  Windows UAC). On macOS the optional password-less helper grants `sudo` to **only** the `nginx` binary.\n- The one exception to loopback-only is a **Cloudflare Tunnel you start yourself** — that\n  intentionally exposes that one site publicly while it's running.\n\n---\n\n## 🛠️ Build from source\n\nEverything is in this repo:\n\n- **macOS** — Bash engine (`engine/bhserve`) + SwiftUI app (`app/`). `cd app \u0026\u0026 ./build-app.sh`\n  then `./make-dist.sh` → `.dmg` + `.pkg`.\n- **Windows** — C# / .NET + WinUI (`windows/`). See **`windows/README.md`** (`build.ps1`).\n- **Linux** — in progress; see `docs/LINUX-PORT.md`.\n\nData lives in `~/.bhserve/` (macOS) / `%LOCALAPPDATA%\\BHServe` (Windows); sites default to\n`~/BHServe/www/`. The engine is usable directly too (`bhserve doctor`, `site add`, `secure`, `status`, …).\n\n---\n\n— BiswasHost · \u003chttps://www.biswashost.com\u003e\n\n## ☕ Support\n\nBHServe is free and open-source. If it saved you time, you can **buy me a coffee** — it\ngenuinely helps me keep building and maintaining free tools like this. 🙏\n\n- **bKash** (Personal · *Send Money*): **`01710378396`**\n\nধন্যবাদ! / Thank you!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwpexpertinbd%2Fbhserve","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwpexpertinbd%2Fbhserve","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwpexpertinbd%2Fbhserve/lists"}