LinuxQuestions.org - web server at home?

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - web server at home? (https://www.linuxquestions.org/questions/linux-networking-3/web-server-at-home-161560/)

web server at home?

Okay, here's a little background. I want to try setting up a web and/or mail server in my apartment. My ISP offers a static IP address for an additional $10 a month, and included with my current service are two IP addresses. My service is currently 128 Kbps upstream and 1 Mbps down, but I can upgrade the upstream to at least 1Mbps without killing my wallet, if I ever need to. I have a single fiber-optic cable running into my apartment with an rj-45 jack.

1) Will an ethernet splitter let me separate a server from my home network and utilize the second IP address available (which i would want to be static), and is that even necessary/advisable? Or is it okay to let this webserver function as a proxy/firewall for my home network?

2) Do I have enough bandwith available to goof around with something like this (will it affect my own surfing very much)? My main goal is to learn something about administering and securing this kind of thing - getting to know apache, iptables and whatnot....and I'd like to try setting up some virtual hosts for my friends.

3) How much trouble would it be to include ssh and ftp functionality?

4) any suggestions on an ideal setup?

thanks-

dave

Here are my opinions:

1. Just make sure your 'public' web server is protected with ONLY port 80 open on your linux box. also make sure your subnet is separate from your home network's. You won't need a splitter if you use a router (#3) / Switch.

2. I'd say yes, if you're expecting to get some hits on a regular basis. Always limit your U/L D/L speeds so you can utilize some of it without the whole pipe being hijacked by big transfers.

3. Invest in good hardware router with a built in firewall / NAT / DMZ. Every bit of security helps when you give the public access whether it's SSH, telnet, FTP, HTTP. Adding additional services really isn't that difficult... just means more ways of someone getting in if they *really* wanted to. :)

It's also a good thing to plan out on paper what your network is going to look like. Ask people and google web security to death.

hope that gives you a starting point,

J

Using Smoothwall or IP Cop on a seperate PC would allow you to split off 2 networks. One for your home network, and one for "public access".
Using a service such as No-IP you can have a stable net address without investing in a static IP.
Setting up any type of server just takes some work and reading.

Hi. I bought the Billion BIPAC-743GE ADSL / router with inbuilt firewall and DMZ, and I am happy with it. I have 2 web servers on my windows machine (Apache and IIS), and 1 web server (Apache) on my Linux server. I simply installed the web servers, made the IP fixed on both machine (and the router with my bought IP address), and forwarded the ports from the router to the machines. Works fine. Adding ssh and ftp is a breeze. Simply forward port 21 and 22 to your Linux IP, and you are done.

Bandwidth is fine. Just think of that a modem user uses around 38, so that would do for 128 / 38 = 3,3 simulatnious users. But web pages are only loaded in short burst, so 10 times this number would be more realistic, so say 30 simulatious users on fast web pages. But they probably wouldn't be surfing all day, and at the same time, and with chaching, so multiply it with 10 again, and you have bandwidth for 300 people surfing quick small web pages (or 3 people downloading movies, or one T1 person downloading movies being rather frustrated on your slow speed). Depends on what type web pages you are making..

And for extra firewall protection that is easy to use, I like to use http://firestarter.sourceforge.net/