i use OSX Mavericks that has built in Apache. I need to give access to a local website on my machine to someone , i did this many times before by enabling web sharing , opening port 80 for my local ip on the router and then by giving my is ip the website was live on the internet. Problem now is that i use the wifi connection from a friend and i cannot ask him for the router pass to open 80 as i am sure that he will not understand and maybe he even change the wifi pass. i checked the ports on the router and there are some open ports, i was wondering is it possible to change apache settings so it will listen to another port and then make the website publick by giving again my isp ip? i tried to nano httpd.conf and change Listen 80 to Listen 12345 (for example) so i thought that if my ip is 55.666.45.155 and i type 55.666.45.155:12345 my website will popup but it doesn't work.
Is this possible to do somehow?
Related
I have a bit of a janky setup configured in an attempt to create a little test website that I can navigate to from a source external to my network. I'm working with a dynamic IP address which obviously isn't ideal, but this page isn't meant to be viewed by anyone. I'm using DuckDNS to route to my WAN IP, and that allows me to quickly update the dynamicIP that duckDNS points to in a flash when my Dynamic IP refreshes. I have ports 80 and 443 forwarded on my router to route to my webserver IP. I have apache configured to listen on ports 80 and 443.
I can hit the website internally from my computer and phone (when its on the network), but when I attempt to hit the site from an external source, I get 408s. I'm still a little new to apache, so I'm trying to see what I've missed here? What's weird is that I see the 408s in the access.log - so wouldn't that mean the attempt is at least making it to the webserver?
As a newbie set up mediawiki in apache httpd on my linux pc. In the corresponding .conf file "require all granted'" is set. The pc was assigned static IP 192.168.0.2 by the router. The port 80 of the pc is opened for any device. I visited http://192.168.0.2/mediawiki/index.php from the host. It worked as expected. Now I tried to visit the same address from my android phone connected to the same network and I was presented with the message "127.0.0.1 refused to connect" by chrome. I noticed that the part http://192.168.0.2 had been replaced by https://127.0.0.1 in the address bar. The same thing also occurred on Firefox on my phone. I can still visit http://192.168.0.2 from my phone and it works just fine. So what is happening here and how to solve this problem?
EDIT: The problem is solved. Mediawiki has this LocalSettings.php file which gets automatically created during installation. It contains a field "$wgServer" which is the "The protocol and server name to use in fully-qualified URLs" as shown in the documentation. This value was automatically set to "http://127.0.0.1" during the installation. Thereby whenever I was trying to connect to mediawiki from my phone I was actually getting redirected to that same phone. I changed the value to "http://192.168.0.2" and now everything is working fine!
Looks like something happened at the connection from your mobile phone to the pc hosting the web server.
Your configuration looks fine even tho you provided almost no details at all: according to your description, I suspect the problem is on your phone or on your router because the domain and url switched from 192.168.0.2 to 127.0.0.1 and the protocol switched from http to https.
You should try the same test from another pc connected to the same network.
You can have a better understanding of what's happening, testing the connection from command line using curl:
$ curl -v http://192.168.0.2/mediawiki/index.php
The output will give you some details of what's going on if the redirect was requested by the webserver or not.
My guess is that your apache is configured to listen to 127.0.0.1 or localhost (it's the default). Open httpd.conf or your virtual host configuration file and look for Listen. Here's some snippets from the official documentation:
The Listen directive tells the server to accept incoming requests only on the specified port(s) or address-and-port combinations. If only a port number is specified in the Listen directive, the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface. Multiple Listen directives may be used to specify a number of addresses and ports to listen on. The server will respond to requests from any of the listed addresses and ports.
For example, to make the server accept connections on both port 80 and port 8000, on all interfaces, use:
Listen 80
Listen 8000
To make the server accept connections on port 80 for one interface, and port 8000 on another, use
Listen 192.0.2.1:80
Listen 192.0.2.5:8000
More information at
https://httpd.apache.org/docs/2.4/bind.html
I'm brand spanking new to setting up websites, so go easy.
Basically I setup an osticket system on my XAMPP stack and It works locally no problem but when I try to access it from my public IP it won't connect.
I've port forwarded port 12345 -> 80 as my server listens on 80.
So theoretically if I type in my URL bar it should connect right?
In the httpd.conf file for Apache do I enter the external or internal IP address? I'm assuming I leave it as localhost because the .conf file is local to the server.
My networking setup:
Firewall setup:
<PublicIP:12345> ALLOW <PriavteIP>
Port forwarding setup:
<PublicIP:12345> -> <PrivateIP:80>
It's hard to tell without understanding more about your setup. I'm going to assume you have a router that connects your internal network to the Internet, and you have one or more computers connected in your network, and your server is one of those.
So are you talking about the port forwarding rules on your public-facing router's firewall? If you are forwarding port 12345 from your router to port 80 on your server, the reason it won't work is because a standard HTTP request from a public machine will come to your router on port 80, not port 12345. Are you entering in a URL with the 12345 port number in it? If anything, you should simply be routing all requests to port 80 on your router to the IP of your server.
You can check this if you try to view your web site using the port number in the URL. So if your IP address to your router is 5.6.7.8 you would enter http://5.6.7.8:12345 and this would load your web page, as the request for a page from port 12345 would get forwarded to port 80 on your server. But honestly I think you just need to get rid of port 12345.
I am using WAMP with Apache 2.4.9 on Windows 8 64 bits.
I've set up port forwarding (for port 80) on my router and set up a static IP to my computer on my network.
I can access my website from my computer and from my network. But I cannot access it externally by typing my IP on the browser URL Bar.
I believe my ISP is blocking port 80 or preventing me to host a web server. How can I avoid such blocking?
There are a number of things that can catch you out while doing this, here are a few I know about.
You are entering your WAN ip address on a browser inside your router
Your ISP is actually blocking port 80
You are in some kind of compound/apartment block and your internet comes through a central entry point and therefore you are behind another router.
You are entering your WAN ip address on a browser inside your router
Most SOHO routers do not have the required technology i.e. loopback, to allow you to use your WAN ip address inside your router. SOLUTION: Tests should be done from outside you router i.e. Go out and use a friends internet connection to see if you can access your site, or use your phone while connected to the ISP network and not your own wifi.
Your ISP is actually blocking port 80
You can test this by changing the port number that your router is forwwarding to the PC's port 80. To do this do something like this:
Change your routers Port forwarding so that incoming port 8080 is forwarded to you local PC's port 80.
Now again use a internet connection outside your local network or your phones ISP network, and try connection to YOURIP:8080/
You are in some kind of compound/apartment block and your internet comes through a central entry point and therefore you are behind your router and another central router that you have no control over.
You can normally tell this is the case if your routers WAN ip addres is in one of these ranges i.e. a Private Network Address
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
If this is the case, you are probably not going to be able to get around this to your satisfaction. While whoever looks after this central router may claim they are not blocking port 80, of course by virtue of how a router work they are, they are just not actively blocking it. Even if you could get them to Port Forward their routers port 80 to yours, it would only ever work for you, so if 2 people wanted to do this they could not do that without adding some extra hardware to their network, and that is unlikely.
WARNING
You will see lots of advice on the web suggesting that changing this section of your httpd.conf file may cause Apache to allow you to access it from anywhere:
<Directory />
AllowOverride none
Require all denied
</Directory>
This section should not be changed from the above i.e. totally disallow any access.
The <Directory /> refers to the root directory of the drive that Apache is installed on.
The recomended mechanism of securing an Apache instance is to disallow any and all access to the root folder and all its subfolders, which the above syntax does. You then specifically Allow access only to the folders that Apache actually requires access to, which by default in WAMPServer should be done in this section:
<Directory "d:/wamp/www/">
...
</Directory>
Or in the Virtual Host definitions for each hosted site.
If you change the above to Require all allowed what you are saying is: If I get hacked, allow the hacker total access to all the folders on this drive. On unix this may not actually be so terrible as the basic ethos of unix is nobody can access anything unless authorised, so other security mechanisms may well stop access to any folder on the drive. But on Windows where the basic ethos is its your PC you can do anything you like with it this can be highly dangerous, and offers hackers a handy attack vector i.e. Apache and once they compromise Apache, this would basically give away the Crown Jewels very easily.
Some isp's will block to prevent you from hosting. You might check with an online port scanner to see if your port 80 is a tually open and forwarding. If you know your setup is right and that your ISP is indeed blocking, you can always port forward a different port and configure apache to listen on that different port.
I'm using xampp as a testing host, but I want to be able to access it from anywhere. currently I can access it through localhost only, and through lan by typing my local ip, but not by typing my external ip from anywhere. I tried setting up apache vhosts, but I'm not sure what to put there, examples online aren't very clear, and I don't even know if it works. so if someone could give me a heads up, I'd appreciate!
Log into your router and set up port forwarding to your computer with xampp on it. You probably want to forward port 80 (default for http) to your computer's LAN IP. Then you should be able to access your xampp setup over the Internet by going to your external IP address.
first you need to make sure the incoming traffic on port 80 is not blocked by your firewall or ISP - see this video demo
then you need to configure your Router to forward:
incoming requests to your External IP port 80 towards your Internal IP port 80 - video demo here
and finally test if port open - see this demo