• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 784
  • Last Modified:

What router ports need to be forwarded for web hosting

hello Experts,

I appologize in advance if I added this question to the wrong section.

My question is what ports need to be forwarded at the router for complete .net webhosting

I have windows server 2008 R2 Standard static ip address linksys router

sql server 2008, MySql server, remote desktop web access etc

a list would be most appreciated.

thank you so very much
0
XGIS
Asked:
XGIS
  • 7
  • 4
  • 3
1 Solution
 
Chris WalshSoftware DeveloperCommented:
You don't need to port forward ANY ports related to the sql server database.
Assuming a basic website, port forward port 80 (TCP).  Port 80 is HTTP.  If you use HTTPS (SSL) then you need to port forward port 443 but I don't think you are that for forward.

If you need RDP access then open port 3389.
0
 
XGISAuthor Commented:
Hello thanks for your prompt response.

please see the attached image for ports that are already forwarded if I am missing any please advise Ports that are currently open
0
 
Chris WalshSoftware DeveloperCommented:
You have RDP forwarded twice.  Not sure if that is an issue.

You have a lot of ports forwarding to your internal server - I would suggest switching those off that you don't actually require in the interest of security.   That saying, I know you are currently trying to get it to work and adding/keeping them in for the time being will help debug the process - you can always reduce later.

Because of all the ports you are forwarding, I wonder whether it is not a specific port issue but maybe another routing issue.  Can you (temporarily) set the router to forward ALL ports to your (internal) server IP address?

You might want to clarify exactly what you mean by "complete .net webhosting".  It is best to be clear as to what services your server is provding (web, email, ftp, remote desktop etc.)


0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
XGISAuthor Commented:
Hello and Thanks again the duplicate RDP port is disabled.

the services I want to enable are:

mail server
Webserver
SQL Server
My SQL Server
RDP
RDP Web Access via TS
DNS
AD
FTP
Website panel (formerly DotNetPanel)
Team Foundation Server
0
 
richardburwoodCommented:
If you are trying to allow direct web access to your sql server then the ports opened should work, however this is a very bad idea... If you just want to host a website that uses the database you only need to open port 80 (http) and 443 (https). It is also a very bad idea to expose the AD server directly to the internet.

What exactly are you trying to achieve?
0
 
richardburwoodCommented:
SQL Server needs port - 1433
MySQL needs port - 3306
0
 
XGISAuthor Commented:
I am working on putting infrastructure together to setup a dataceter
0
 
XGISAuthor Commented:
how would you recommend I secure every thing
0
 
Chris WalshSoftware DeveloperCommented:
"I am working on putting infrastructure together to setup a dataceter"

If so, I would seriously get some training on how to securely manage such a system.  You sound like your knowledge with ports and services is not very strong and setting up such an environment is quite highly skilled with seroius concequences if security and control and knowlege are not taken seriously.
0
 
XGISAuthor Commented:
would you be able to direct me to the appropriate sites to learn?
0
 
richardburwoodCommented:
I think you probably need some help in setting up your data centre. From a security point of view you really don't want to expose alot of the services you are talking about. If you are setting up a data centre you really should not be using a Linksys Home / SOHO router.

"I am working on putting infrastructure together to setup a dataceter" & "how would you recommend I secure every thing"

You need to get someone to help you do this, in the politest possible way, your lack of knowledge of basic networking (TCP ports) means you really need to accept your limitations. I don't go and try to build bridges beacuse I am not a structual engineer...
0
 
richardburwoodCommented:
A good one to get an understanding of the technologies involved:

http://www.cert.org/tech_tips/home_networks.html
0
 
XGISAuthor Commented:
thank you so very much
0
 
XGISAuthor Commented:
Honest and to the point, exactly what I need to hear.... thanks again
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 7
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now