Expose my server to internet

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

Expose my server to internet

Padmahas Bn
Hello,

Out of curiosity, I just want to access my server over internet.
I have forwarded port 80.
I have got a free domain in NoIP.
In my router I've also configured the settings and successfully logged in.
But when I test whether my port 80 is accessible, it's not opened.
This is my home system, using Ubuntu 18.04. I've not enabled any firewall by myself.

So just wanted to know whether should I configure anything in Apache httpd to make port 80 accessible?

Thank you.
Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Bob Cochran
On 7/4/19 12:16 AM, Padmahas Bn wrote:
> Hello,
>
> Out of curiosity, I just want to access my server over internet.
> I have forwarded port 80.
> I have got a free domain in NoIP.
> In my router I've also configured the settings and successfully logged in.
> But when I test whether my port 80 is accessible, it's not opened.
> This is my home system, using Ubuntu 18.04. I've not enabled any
> firewall by myself.

I think you're saying that you can access port 80 on your local network
but not from the Internet and are wondering what's blocking it.   It's
another matter if you can't access your website on your own local
network.  If that's the case, yes, you need to configure your conf file
properly.  Read the tutorial on the apache site for a walk through.

I'm not sure what you mean by "successfully logged in" into your router.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.

If I was you, the first thing I would do is run tcpdump or wireshark on
your machine running apache and make sure you see an HTTP request coming
in and a response going back out.   You can do the same thing while
testing your local network, too.

Something like:

$ sudo tcpdump -i enp2s0 -vvvSXn port 80

This should give you the clues as to what's happening on your network. 
Of course, you can also see a request in your apache log.   I think the
default on Ubuntu for the log is /var/log/apache2/access.log

This page on our site might help you with tcpdump:
https://mindchasers.com/dev/tools-tcpdump

Good luck,

Bob

>
> So just wanted to know whether should I configure anything in Apache
> httpd to make port 80 accessible?
>
> Thank you.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Richard szajkowski
In reply to this post by Padmahas Bn
Is this a home network or a business network ?  

Some isp block ports , I would do a port scan to make sure it’s open ,  and then make sure the box that is hosting your sever has a static IP and you have the correct ip in your router for forwarding that static ip

Richard Szajkowski

> On Jul 4, 2019, at 12:16 AM, Padmahas Bn <[hidden email]> wrote:
>
> Hello,
>
> Out of curiosity, I just want to access my server over internet.
> I have forwarded port 80.
> I have got a free domain in NoIP.
> In my router I've also configured the settings and successfully logged in.
> But when I test whether my port 80 is accessible, it's not opened.
> This is my home system, using Ubuntu 18.04. I've not enabled any firewall by myself.
>
> So just wanted to know whether should I configure anything in Apache httpd to make port 80 accessible?
>
> Thank you.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Mark J Bradakis
In reply to this post by Padmahas Bn
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Padmahas Bn
Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)
 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.



On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Richard szajkowski
It’s your inside address that needs to be static , yes the router will just be fine 

Your box will need to be on something like 192.168.1( or 0) .50 let’s say and in the router that ip and port should point to that ip and port 

I have all my static ip’s under 100 and dhcp is above 100 

Hope this helps 

Richard Szajkowski


On Jul 4, 2019, at 1:45 PM, Padmahas Bn <[hidden email]> wrote:

Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)
 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.



On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Bob Cochran
In reply to this post by Padmahas Bn
On 7/4/19 1:45 PM, Padmahas Bn wrote:
Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

It sounds like you need to open a port on your router to forward port 80 to your apache server.  Be careful about which ports you open and realize that once you do, others will discover it.  On the outside, you don't have to open 80.  It might be helpful to pick a high, obscure port number to avoid bots that scan ports searching for ways to gain entry into private networks. 


sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)

enp2s0 is the name of my Ethernet  network interface.  I can discover it by running ifconfig.

It seems that you're somewhat new to networking.  I recommend that you install Wireshark on your Ubuntu machine and read some tutorials about it. 


 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.


On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Padmahas Bn
In reply to this post by Richard szajkowski
Hello VA3RZS,

Yes, my internal IP address is static. It's 192.168.0.106. But DHCP is set to "Automatic". Does that affect?

Thank you.

On Thu, Jul 4, 2019 at 11:27 PM VA3RZS <[hidden email]> wrote:
It’s your inside address that needs to be static , yes the router will just be fine 

Your box will need to be on something like 192.168.1( or 0) .50 let’s say and in the router that ip and port should point to that ip and port 

I have all my static ip’s under 100 and dhcp is above 100 

Hope this helps 

Richard Szajkowski


On Jul 4, 2019, at 1:45 PM, Padmahas Bn <[hidden email]> wrote:

Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)
 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.



On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Richard szajkowski
Yes , has to be set to static  make sure your IP is out side the DCHP pool , that way it won’t be given to any one else by mistake .

That’s why I start my DHCP pool at .100 

Richard Szajkowski

On Jul 4, 2019, at 2:12 PM, Padmahas Bn <[hidden email]> wrote:

Hello VA3RZS,

Yes, my internal IP address is static. It's 192.168.0.106. But DHCP is set to "Automatic". Does that affect?

Thank you.

On Thu, Jul 4, 2019 at 11:27 PM VA3RZS <[hidden email]> wrote:
It’s your inside address that needs to be static , yes the router will just be fine 

Your box will need to be on something like 192.168.1( or 0) .50 let’s say and in the router that ip and port should point to that ip and port 

I have all my static ip’s under 100 and dhcp is above 100 

Hope this helps 

Richard Szajkowski


On Jul 4, 2019, at 1:45 PM, Padmahas Bn <[hidden email]> wrote:

Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)
 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.



On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Flaviu Radulescu
You need to do port forwarding on your router from the public ip port 80 to the internal (server) ip port 80. Also, configure your router to always give the same ip (static ip) to your server.

This way all the requests coming from outside on port 80 are forwarded to internal server ip on port 80, the server response are going to normally be routed to the source request, but you just need the outside traffic to be routed the the server ip. So, search on your router configuration  for port forwarding. That’s all you need to do, nothing on the apache, just standard configuration. 

Apologies for brevity and/or typos. An iPhone was involved in writing this message.

On 4 Jul 2019, at 21:52, Richard szajkowski <[hidden email]> wrote:

Yes , has to be set to static  make sure your IP is out side the DCHP pool , that way it won’t be given to any one else by mistake .

That’s why I start my DHCP pool at .100 

Richard Szajkowski

On Jul 4, 2019, at 2:12 PM, Padmahas Bn <[hidden email]> wrote:

Hello VA3RZS,

Yes, my internal IP address is static. It's 192.168.0.106. But DHCP is set to "Automatic". Does that affect?

Thank you.

On Thu, Jul 4, 2019 at 11:27 PM VA3RZS <[hidden email]> wrote:
It’s your inside address that needs to be static , yes the router will just be fine 

Your box will need to be on something like 192.168.1( or 0) .50 let’s say and in the router that ip and port should point to that ip and port 

I have all my static ip’s under 100 and dhcp is above 100 

Hope this helps 

Richard Szajkowski


On Jul 4, 2019, at 1:45 PM, Padmahas Bn <[hidden email]> wrote:

Hello Bob, Richar and Mark,
Thank you for your response.

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.
I'm not sure what you mean by "successfully logged in" into your router.
As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

Your router will need to support NAT to translate your local IP address
to the one on the Internet.
I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.
I hope this supports NAT.

sudo tcpdump -i enp2s0 -vvvSXn port 80
I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as
tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)
 
It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.


On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:
Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

RE: Expose my server to internet

Flaviu Radulescu

Here is a link to your router configuration with all the details of how to do the port forwarding: https://www.tp-link.com/us/user-guides/tl-wr841n_v14/chapter-4-configure-the-router-in-wireless-router-mode#ug-sub-title-7

 

---

FLAVIU RADULESCU | Lumminary  |  lumminary.comhttps://lumminary.com/1x1.png?t=flv-otlk
PLEASE NOTE:  This email and any file transmitted are confidential and/or legally privileged and intended only for the person(s) directly addressed. If you are not the intended recipient, any use, copying, transmission, distribution, or other forms of dissemination is strictly prohibited. If you have received this email in error, please notify the sender immediately and permanently delete the email and files, if any.

 

From: Flaviu Radulescu <[hidden email]>
Sent: 04 July 2019 23:05
To: [hidden email]
Subject: Re: [users@httpd] Expose my server to internet

 

You need to do port forwarding on your router from the public ip port 80 to the internal (server) ip port 80. Also, configure your router to always give the same ip (static ip) to your server.

 

This way all the requests coming from outside on port 80 are forwarded to internal server ip on port 80, the server response are going to normally be routed to the source request, but you just need the outside traffic to be routed the the server ip. So, search on your router configuration  for port forwarding. That’s all you need to do, nothing on the apache, just standard configuration. 

Apologies for brevity and/or typos. An iPhone was involved in writing this message.


On 4 Jul 2019, at 21:52, Richard szajkowski <[hidden email]> wrote:

Yes , has to be set to static  make sure your IP is out side the DCHP pool , that way it won’t be given to any one else by mistake .

 

That’s why I start my DHCP pool at .100 

Richard Szajkowski


On Jul 4, 2019, at 2:12 PM, Padmahas Bn <[hidden email]> wrote:

Hello VA3RZS,

 

Yes, my internal IP address is static. It's 192.168.0.106. But DHCP is set to "Automatic". Does that affect?

 

Thank you.

 

On Thu, Jul 4, 2019 at 11:27 PM VA3RZS <[hidden email]> wrote:

It’s your inside address that needs to be static , yes the router will just be fine 

 

Your box will need to be on something like 192.168.1( or 0) .50 let’s say and in the router that ip and port should point to that ip and port 

 

I have all my static ip’s under 100 and dhcp is above 100 

 

Hope this helps 

Richard Szajkowski

 


On Jul 4, 2019, at 1:45 PM, Padmahas Bn <[hidden email]> wrote:

Hello Bob, Richar and Mark,

Thank you for your response.

 

@Bob Cochran,

Yeah, I can access port 80 form my local but not from internet. I'm trying to access my IP from mobile network (Not wifi, from data pack) Please find my comments below.

I'm not sure what you mean by "successfully logged in" into your router.

As I said, I've registered a free domain name on NoIP.com, I had to configure dynamic DNS in my router to synchronize my external/public IP (since it is dynamic in nature) with my registered domain name automatically. So i meant that configuration was successful.

 

Your router will need to support NAT to translate your local IP address
to the one on the Internet.

I'm using TP-Link 300M Wireless N Router, Model No. TL-WR841N / TL-WR841ND.

I hope this supports NAT.

 

sudo tcpdump -i enp2s0 -vvvSXn port 80

I'm not sure which parameters I need to change here according to my system. I just ran the same command and got output as

tcpdump: enp2s0: No such device exists
(SIOCGIFHWADDR: No such device)

 

@Richard szajkowski,

It's my home network, and have dynamic IP address. But I've updated the IP address which I got from google search "what is my ip",  while forwarding the port.

 

@Mark J Bradakis,

Thank you for the reference. I'll take a look.

 

Thank you.

 

On Thu, Jul 4, 2019 at 6:16 PM Mark J Bradakis <[hidden email]> wrote:

Some of the tools here might assist in tracking down what is visible to
the world and what is not.

https://tools.dnsstuff.com/#

mjb.



---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

rexkogitans@gmx.at
In reply to this post by Padmahas Bn
Could it be that you have a Provider Grade NAT?

This means that your host is within your home LAN, and this home LAN is
within a LAN of the Internet provider. If you ask for your IP address on
sites like whatismyipaddress.com, you see the IP address that your
provider's gateway has in the Internet. Thousands of other hosts which
are also customers of your provider could have the same IP address then.

If so, there is no way to access your host from outside (from the
Internet zone). There is also no way to access your host from within
another host of your ISP's network, because the intrazone traffic is
usally blocked.

kr,

rexkogitans


Am 04.07.19 um 06:16 schrieb Padmahas Bn:

> Hello,
>
> Out of curiosity, I just want to access my server over internet.
> I have forwarded port 80.
> I have got a free domain in NoIP.
> In my router I've also configured the settings and successfully logged in.
> But when I test whether my port 80 is accessible, it's not opened.
> This is my home system, using Ubuntu 18.04. I've not enabled any
> firewall by myself.
>
> So just wanted to know whether should I configure anything in Apache
> httpd to make port 80 accessible?
>
> Thank you.

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

Walter H.
On 12.07.2019 22:01, [hidden email] wrote:
>
> If so, there is no way to access your host from outside (from the
> Internet zone). There is also no way to access your host from within
> another host of your ISP's network, because the intrazone traffic is
> usally blocked.
not at all;
get an HE-IPv6-Tunnel and you have IPv6-connectivity from anywhere


smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

rexkogitans@gmx.at
This bails down to the same thing: Either your host establishes the
tunnel, or there is no way to reach it. In fact, this is a gateway
exclusively for your host - exactly something your ISP does not have.

Am 13.07.19 um 08:48 schrieb Walter H.:
> On 12.07.2019 22:01, [hidden email] wrote:
>>
>> If so, there is no way to access your host from outside (from the
>> Internet zone). There is also no way to access your host from within
>> another host of your ISP's network, because the intrazone traffic is
>> usally blocked.
> not at all;
> get an HE-IPv6-Tunnel and you have IPv6-connectivity from anywhere
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Expose my server to internet

James Moe
In reply to this post by rexkogitans@gmx.at
On 12/07/2019 1.01 PM, [hidden email] wrote:

> In my router I've also configured the settings and successfully logged in.
> But when I test whether my port 80 is accessible, it's not opened.
> This is my home system, using Ubuntu 18.04. I've not enabled any
> firewall by myself.
>
  Many ISPs have restrictions on servers. Often a "residential" Internet
service does not allow website or email servers. That is, connections
initiated from outside your network are blocked.
  Check with your ISP about serving websites.

--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.


signature.asc (201 bytes) Download Attachment