What do I need to do to prevent people accessing Apache/MySQL on my desktop install of XAMPP? Is blocking any connections using a software firewall (Sygate) enough?
There is a security article within the distribution. Set a password for localhost and for mysql. Setting the mysql password will cause a few of the example scripts in the main nav to not work unless you edit ehe DB info within. Personally I stop Apache and mysql when I am not using it. I also used the non installer version so there are no registry entries. Also your firewall and router should offer some protection. My son, knowing my IP was unable to get to it and IT is his thing.
Most ISPs block incoming traffic to these ports already. And check your router. You may be able to block it at that level. It's best not to leave security to your localhost if you don't have to. If you must...just install a personal firewall and stop incoming traffic from 80,22,21,25,53,443, and ugh...not sure what else xampp uses but those are the majors.