Unable to connect to Apache at home from outside
I'm running Slackware 13. Apache has been configured and running. That is to say, I can access the server pages on my machine locally using the current DHCP IP address.
However I'm unable to access it from outside (say from a friends's house) using the same DHCP IP address. I read on the internet somewhere that some DSL providers disable port 80 to prevent individuals from hosting. I don't know if that's the case but I did try specifying different ports in httpd.conf and added the port number to the IP address URL but still didn't work. Code:
Listen 80 I'm just trying some stuff without much concern for security at this point. I understand that a DHCP address can change but for now I don't mind entering the IP address explicitly. Any suggestions would be much appreciated. Thanks in advance, Ash. |
DHCP IP address, which is given by your local network devices or are you talking about dynamic public IP which is assigning by your ISP? if you want to run webserver you need static public IP and you should ask your ISP to open relevant ports(80, 443, etc), I believe for these you should pay some additional money to your ISP rather than these there are some other alternatives, if your network devices(broadband router)support with NAT and DMZ you can NAT local webserver ip and port with your dynamic public IP or otherwise you can try with dyndns
|
Quote:
Quote:
Is there a way to tell if the port 80 (or any other for that matter) is being blocked? Quote:
Regards, Ash. |
You don't strictly have to have a public IP, but it helps. NAT (Network Address Translation) is the usual method of sharing one IP amongst multiple computers, e.g. when multiple computers in a house connect to a single DSL or cable line. What happens is that all the computers behind the router get private (RFC1918) address. The are 192.168.x.x, part of the 172.16.x.x range, and all of the 10.x.x.x range. The router has a public IP address and routes traffic between the private, internal network and the Internet. Traffic from the Internet cannot reach the internal network directly, and RFC1918 addresses are not routable. You should check and make sure that the IP address of your server is really public. Perhaps you have a combined modem/router that is issuing your box a private IP address. Or perhaps you have iptables running on your Linux box and blocking traffic ... have you checked this?
|
You need to log into your cable/DSL router and forward all port 80 (http) requests to the internal ip address of your server. Sometimes they call it application or game sharing, but it is port forwarding. You may have a setting for Dynamic DNS too, so you can get a free domain name to use that always points at your server.
Who is your ISP and do you have cable or xDSL ? |
Also make sure your provider doesn't block port 80 on dynamic IP's
|
Quote:
Quote:
Thanks and regards, Ash. |
Quote:
Quote:
|
Quote:
Quote:
|
Quote:
If your building manager is amenable to it, you might ask them to forward a non-standard port to port 80 on your server. For example, if you could talk them into forwarding port 4080 to 80 on your server, you could get to your server using http://your.ip.address:4080. Of course this makes the assumption your building manager actually knows their ports from the IP addresses. I suspect they're just going to say no, in which case, you are out of luck. |
Go to
http://www.whatismyip.com to find your external IP Then use a online portscanner to see if port 80 is open on the router. If you don't have access to the router, I don't think you will be able to setup a webserver. |
Quote:
Quote:
Oh well, at least I better understand what's going on. Thank you all. |
Yes, probably port 80 is blocking access to the internet. http://127.0.0.1/ (or equivalently http://localhost/) only applies to the local machine, and cannot be accessed from another machine.
|
Quote:
Quote:
|
The building owner is trying to help with port forwarding, but has security concerns that someone could reach my computer through the forwarded port and now has access to the private network and wreck havoc.
Are there ways to minimize it? E.g. Is it possible for port forwarding to limit it to one or two external IP addresses? That is, if I know that I will be accessing from one or two external machines, and if the router only forwards requests from these known IP addresses, it might be an acceptable compromise. Thanks, Ashok. |
All times are GMT -5. The time now is 02:30 PM. |