We help IT Professionals succeed at work.

Apache2 external access

I have an Ubuntu server (18.04) running a copy of WordPress that I'm trying to access from outside my home network. I have port forwarding set up on the router and can access Apache quite happily. However, putting in the URL //xxx.ddns.net/wordpress results in my browser displaying the internal address of the server and, naturally enough, failing to connect. I'm pretty certain that there's something fairly simple that I'm missing. Allied to this is that I can't SFTP into the server from outside either. the connection is made but always fails with the password. Of course it all works fine on the LAN. Can anyone enlighten me as to what I'm doing wrong?

MTIA
Rob
Comment
Watch Question

David FavorFractional CTO
Distinguished Expert 2019

Commented:
You said, "I have an Ubuntu server (18.04) running a copy of WordPress that I'm trying to access from outside my home network".

Key here is "outside my home network" which can never happen.

Or better said, you'll either...

1) Simple - deploy your site on a public IP (hosting company).

2) Complex - setup a reverse ssh tunnel, to expose your local IP/port on a public IP. You'll still require a hosting company for a public IP.

Note: No local (LAN) address will ever receive public/externally routed packets.

Note: Many ISPs block listing ports on both residential + business plans. Check your ISP TOS (Terms Of Service) for more details.

For testing + best comments, provide your site (host/domain) name + IP where your site is running.
Most Valuable Expert 2018
Distinguished Expert 2019

Commented:
If you're managing to reach your Ubuntu server from outside of your network, then it's likely an Apache config issue. Have you set up your Virtual Host block correctly for Apache. If you're access it using the domain name http://xxx.ddns.net, then you'll need to make sure your Apache config is setup to serve that address correctly. If it's not setup properly, then any requst to your apache server are likely to result in the default block being shown
nociSoftware Engineer
Distinguished Expert 2019

Commented:

if your name listens to f.e  www.example.com  then you create a public DNS entry with your DNS supplier: (in domain example.com) www  CNAME xxx.ddns.net

OR you configure your webserver to listen for the name xxx.ddns.net. and redirect that to the correct site.


Dr. KlahnPrincipal Software Engineer

Commented:
In order for this to work, you must have either:

a) a static IP address with DNS set up by your ISP, or

b) dynamic DNS.

Of the two, dynamic DNS is easier to manage (you don't have to deal with your ISP for DNS / MX issues) and you can take it anywhere with you on zero notice.

In your case it looks like you are trying to use kinda-sorta dynamic DNS from No-Ip.

<opinion>
If you are using No-IP, I/M/O that is not a suitable solution. It makes you dependent on ddns.net for name resolution, and -- much worse -- you don't own your domain name.  A better solution is to buy your domain name, then use ddclient and any of the "real" dynamic DNS providers such as Dynu.  This minimizes your exposure to outside influences.

I use Dynu DNS on my own server (Debian, Apache) and it has been rock solid for 15 years.  Their web site leaves something to be desired as far as ease of use, but once set up it should never need to be touched again.
</opinion>

Author

Commented:
Thanks for the responses everyone. I may have to close this request and re-open in another forum. I got really frustrated trying to make this work. Eventually I shut the VM is was running down, cloned the original base install and found that, guess what?, it worked just fine. The base install had a copy of WordPress installed but not set up and on an external network I was able to get straight in and see the initial set up page for WordPress. Then I set WordPress up and access stopped instantly, WordPress must be making some changes somewhere but to what and where I have no idea. Unless anyone can help here.

I had a look for Dynu DNS  but no specific website for that as it seems t be a fairly generic term unless I'm missing something, but I suspect it wouldn't make any difference if the problem is internal.

R
Most Valuable Expert 2018
Distinguished Expert 2019

Commented:
Hi Rob,

DynDNS is a paid service that allows you to dynamically change the IP address that a domain points to. The URL for the site is https://dyn.com/

Generally speaking a webserver has a fixed IP address and you use that to tell your domain's DNS records where to find your website. If you are trying to host your website on your own internal network (effectively behind your ISP) then it's highly likely that you have a non-static IP address. This means the IP address of your network (specifically the router) is likely to change. Because of that, you can't just assign an IP to your domains DNS records, and this is where the DynDNS service comes into play. When your IP changes, the new IP is sent to DynDNS which tells it to point your domain to the new IP address (over simplified and not technical, but hopefully enough for a basic understanding).

When hosting a website on your own network, an external domain name will point to the IP address of your Router. You then set up port forwarding on that router. This means for example when a request to port 80 is made to your router - forward that request on to Post XX of IP xxx.xxx.xxx.xxx. The address that it forwards onto is generally the static IP of a computer within your own network (dedicated server / VM etc). For that to then serve a website, it needs to be configured to server a Name Based Host. Apache and Nginx allow you to do this, so you would need to serve it up based on the domain name that was requested.

When you configure WordPress, nothing in your DNS will change. Just make sure that the domain name you configure your server t oserver is correct (i.e the external domain name that the world sees).

FYI - I would suggest you only really take this approach for simple testing and not for large scale production.

Author

Commented:
I'm aware of the principles and theory here and would like to point out that I can get through my firewall and router to several other things, for example I was able to connect to my home automation (Domoticz) server on port 8080, and to remote desktop to my main machine and that I can access the Apache default welcome page and even xxxxx.ddns.net/wordpress/readme.html.as well as the wordpress setup page. However, once set up I can only access the wordpress readme (so that may have been cached) and I can see the Apache welcome page but not if I explicitly name it in the URL. Likewise no PHP files such as phpinfo.php work. Unless, of course, I access them from the LAN and not the internet.

Sorry for any typos on my posts. I've just had an operation on the retina of one of my eyes and my sight is still a bit weird.
Commented:
I suppose the answer was inevitable really. Set up WordPress from the Internet and not form the LAN. That's given me the access I needed.

R