copleydt
asked on
Setting up a home web server via cable modem and router
I just recently got high-speed internet through Comcast. In my house, I have all network jacks (8) plugged into a switch, then the switch is patched into my cable router (stateful, VPN capable), which is then plugged into the comcast cable modem.
I staged a desktop as a Linux server running Apache (I'm new to Linux so I'm still learning), and want to publish web pages so other family members can reach these over the internet.
Can someone give me some specifics on how I make that machine addressible from the internet? Currently, my cable router provided dhcp addresses and I'm unsure how I can configure things so the server is reachable. The router does have a DMZ port on it, but I'm not sure this helps.
Any help is greatly appreciated!
I staged a desktop as a Linux server running Apache (I'm new to Linux so I'm still learning), and want to publish web pages so other family members can reach these over the internet.
Can someone give me some specifics on how I make that machine addressible from the internet? Currently, my cable router provided dhcp addresses and I'm unsure how I can configure things so the server is reachable. The router does have a DMZ port on it, but I'm not sure this helps.
Any help is greatly appreciated!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The dynamic dns is probably the best bet, but many cable providers forbid webservers, and the frequent portscans on my own network are meant to detect them.
If you breach their terms and conditions, they could bar or even sue you.
Read your contract carefully.
If you breach their terms and conditions, they could bar or even sue you.
Read your contract carefully.
But:
If you only want local access, (intranet), just run apache and point the web browsers of your other home machines to the IP address of the machine running the webserver.
e.g. http://192.168.xxx.xxx
If you only want local access, (intranet), just run apache and point the web browsers of your other home machines to the IP address of the machine running the webserver.
e.g. http://192.168.xxx.xxx
Just before you do anything with the above info, make sure you have a properly configured server and firewall to protect you and others from hackers. First and formost patch your system, APACHE and OpenSSL have had their problems. The reason ISP's started banning web servers was because people didnt patch the systems and nimda, codered type worms killed their bandwidth, so they just block the ports now.
Sorry, the main reason ISPs ban Webservers, ftp servers etc is Bandwidth hogging.
Just because you have an always on connection, doesn't mean you can set up bandwidth draining services which interfere with your neighbors on the local loop.
As an example, I get 512KB on cable.
Most of the time, takes 3-4 hours to download a cd of data(650K).
This morning at 7:45, took 12 minutes! the local loop was asleep or at work.
If lotsa ppl start running webservers, ftp servers, P2p servers, etc. no Bandwidth! Even if they are patched,etc.
If you want to run a server, pay for a fixed IP and pay by bandwidth.
My main snort attack sig is from my cable provider.
Just because you have an always on connection, doesn't mean you can set up bandwidth draining services which interfere with your neighbors on the local loop.
As an example, I get 512KB on cable.
Most of the time, takes 3-4 hours to download a cd of data(650K).
This morning at 7:45, took 12 minutes! the local loop was asleep or at work.
If lotsa ppl start running webservers, ftp servers, P2p servers, etc. no Bandwidth! Even if they are patched,etc.
If you want to run a server, pay for a fixed IP and pay by bandwidth.
My main snort attack sig is from my cable provider.
Just watch for couple of things:
-Most likely, as long as your demark node is kept on, your IP addr will not change. Just check this once in awhile and make changes to DNS as needed. Best bet is to watch your logs for any ISP down time, whether it be an outage or maint activity.
-Your upstream speed is very low compared to your downstream speed. It doesn't take much to clog up 128k uplink (most probably what you have.)
-Most likely, as long as your demark node is kept on, your IP addr will not change. Just check this once in awhile and make changes to DNS as needed. Best bet is to watch your logs for any ISP down time, whether it be an outage or maint activity.
-Your upstream speed is very low compared to your downstream speed. It doesn't take much to clog up 128k uplink (most probably what you have.)
Well if your running a switch most dont have a NAT firewall. but on your router depending on the model, on most you can open a single port at a time. If your ISP blocks port 80 which mine does. You can redirect it to say 8080. So open port 8080 on your router set to your linux servers lan address. Then you need to go into your apache config file and have it listen on 8080. Then that is it unless you are going to use a domain name which you either need to setup a DNS server for use a free dns server.
With regard the Dynamic IP address, try www.no-ip.com
They supply a bit of software for free and will also allow you to setup a free domain name ie abc123@zapto.org or whatever. Everytime you log on or it changes, the software updates abc123 etc so that the ip address is correct. Your family just have to log on to abc123 etc to find you.
Hope this helps.
Peter
They supply a bit of software for free and will also allow you to setup a free domain name ie abc123@zapto.org or whatever. Everytime you log on or it changes, the software updates abc123 etc so that the ip address is correct. Your family just have to log on to abc123 etc to find you.
Hope this helps.
Peter
http://www.dyndns.org/
They do supply and app that will take into account that your IP may change. You will also have to register a domain name, which you can also do from that site.
Have fun!
- Zekker