?
Solved

Setting up a home web server via cable modem and router

Posted on 2003-03-20
13
Medium Priority
?
990 Views
Last Modified: 2010-03-17
I just recently got high-speed internet through Comcast.  In my house, I have all network jacks (8) plugged into a switch, then the switch is patched into my cable router (stateful, VPN capable), which is then plugged into the comcast cable modem.

I staged a desktop as a Linux server running Apache (I'm new to Linux so I'm still learning), and want to publish web pages so other family members can reach these over the internet.

Can someone give me some specifics on how I make that machine addressible from the internet?  Currently, my cable router provided dhcp addresses and I'm unsure how I can configure things so the server is reachable.  The router does have a DMZ port on it, but I'm not sure this helps.

Any help is greatly appreciated!
0
Comment
Question by:copleydt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 172 total points
ID: 8178805
FIrst, you have to read your Comcast agreement regarding servers. Many cable providers block inbound http port 80.
What router do you have? All you really need to do is find the public ip address of your router, forward port 80 to your web servers 192.168.x.x address, and have your family members http://publicipaddress
0
 
LVL 2

Assisted Solution

by:zekker
zekker earned 164 total points
ID: 8182822
I am not sure about your gear but some products allow you to NAT (Network Address Translation) one of your nicks to the outside world.  Check your documentation.  

If you get better at Linux you could actually put your server right up on the internet.  Just set your one EXTERNAL NIC to be able to use DHCP.  You will also have to enable to setup forwarding and iptables.  Lots of howto's on that on the net. Is your desktop Linux machine ONLY for your web server?  If so that is a good alternative.

but if that is beyond you at the moment, then I would take a look at your gear and read the manual to see if it supports NAT.

If you do decide to put your linux box up on the net make sure you have as few services running as possible.  I would be very careful about that.  To see what services are visiable on your linux box on a specific Interface do the following

nmap xxx.xxx.xxx.xxx   xxx = your NIC.

You should also look into SSH (secure shell access) for your server.  This is available on redhat in the install.
you can start it with /etc/init.d/sshd start

Try to avoid openning telnet at all costs, SSH works much like telnet but its all encrypted.  Telnet is clear text and a security risk.  

If you need a hand with it, I can get you going that way.

Good luck!
0
 
LVL 2

Expert Comment

by:zekker
ID: 8182833
I forgot to mention you can also setup dynamic DNS with the following service.

http://www.dyndns.org/

They do supply and app that will take into account that your IP may change.  You will also have to register a domain name, which you can also do from that site.

Have fun!

- Zekker
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 34

Assisted Solution

by:arbert
arbert earned 164 total points
ID: 8183837
Not sure about your hardware, but on mine I can tell my router to route all INCOMING port 80 traffic to a particular machine on the internal network.  Then you give your family out the address that your cable modem received from DHCP.  Just remember, if you get a different DHCP address, you'll have to give it to your family....

Brett
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 8187834
The dynamic dns is probably the best bet, but many cable providers forbid webservers, and the frequent portscans on my own network are meant to detect them.
If you breach their terms and conditions, they could bar or even sue you.
Read your contract carefully.
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 8187847
But:
If you only want local access, (intranet), just run apache and point the web browsers of your other home machines to the IP address of the machine running the webserver.
e.g. http://192.168.xxx.xxx
0
 
LVL 1

Expert Comment

by:beerbar
ID: 8197447
Just before you do anything with the above info, make sure you have a properly configured server and firewall to protect you and others from hackers. First and formost patch your system, APACHE and OpenSSL have had their problems.  The reason ISP's started banning web servers was because people didnt patch the systems and nimda, codered type worms killed their bandwidth, so they just block the ports now.
0
 
LVL 21

Expert Comment

by:wyliecoyoteuk
ID: 8206070
Sorry, the main reason ISPs ban Webservers, ftp servers etc is Bandwidth hogging.
Just because you have an always on connection, doesn't mean you can set up bandwidth draining services which interfere with your neighbors on the local loop.
As an example, I get 512KB on cable.
Most of the time, takes 3-4 hours to download a cd of data(650K).
 This morning at 7:45, took 12 minutes! the local loop was asleep or at work.
If lotsa ppl start running webservers, ftp servers, P2p servers, etc. no Bandwidth! Even if they are patched,etc.
If you want to run a server, pay for a fixed IP and pay by bandwidth.

My main snort attack sig is from my cable provider.

0
 

Expert Comment

by:Dial
ID: 8206324
Just watch for couple of things:

-Most likely, as long as your demark node is kept on, your IP addr will not change.  Just check this once in awhile and make changes to DNS as needed.  Best bet is to watch your logs for any ISP down time, whether it be an outage or maint activity.

-Your upstream speed is very low compared to your downstream speed.  It doesn't take much to clog up 128k uplink (most probably what you have.)
0
 

Expert Comment

by:Bindoliny
ID: 8243116
Well if your running a switch most dont have a NAT firewall. but on your router depending on the model, on most you can open a single port at a time. If your ISP blocks port 80 which mine does. You can redirect it to say 8080. So open port 8080 on your router set to your linux servers lan address. Then you need to go into your apache config file and have it listen on 8080. Then that is it unless you are going to use a domain name which you either need to setup a DNS server for use a free dns server.
0
 

Expert Comment

by:pdcroft
ID: 8335189
With regard the Dynamic IP address, try www.no-ip.com
They supply a bit of software for free and will also allow you to setup a free domain name ie abc123@zapto.org or whatever.  Everytime you log on or it changes, the software updates abc123 etc so that the ip address is correct.  Your family just have to log on to abc123 etc to find you.

Hope this helps.  
Peter
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

    Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.    What happens when your small business or home / home office loses its internet connection?  The results c…
This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month8 days, 8 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question