A long time ago I found some guide that showed how to use the Windows Hosts file to forward traffic to another IP/Port. We set up a client's server on one IP/Port, and they wanted it changed to another IP/Port on the same machine, but are now asking that we forward UDP/TCP traffic to it as well.
I am pretty sure this is doable but I cannot for the life of me figure out how to do it now after Google searching for a while.
You're probably remembering incorrectly. The only thing that /etc/hosts controls is local DNS lookups -- you can't use it to swap ports around or forward data sent from other machines.
You may be able to forward connections using a firewall package or router.
This might sound a bit amateur-ish but I'm in a bit of a situation here.
So I created myself a website and managed to get it working on localhost. I tried port forwarding ports 80, 443 but nothing helped. So next thing I'm googling around and I read about ngrok and it actually worked. Got it working on a long randomly generated domain but the problem is that I want to use the one that I have from no-ip.com. How can I do that please? I'm very lost here.
Software being used: XAMPP (Apache, MySQL)
I've reserved a DHCP IP address for my PC in my router's settings, hopefully that helps? I don't know. Help me internet.
There are a whole bunch of possible reasons that this might not work. Here are a few of them.
Your ISP
Even if you have port forwarding set up properly on your router, it is still possible that you cannot do what you want.
First, many ISPs block serving websites from residential internet connections. Connections to port 80/443 will never even reach your router. You might try experimenting by forwarding a different port number (such as 8000 instead of 80) to see if the traffic can get through on that port. (However, that will not work as a practical solution since your users will not know to use an alternate port and your ISP can choose to terminate your service if you are violating the terms of your agreement.)
Second, due to the exhaustion of public IPv4 addresses, some ISPs are implementing Carrier-Grade NAT (CGNAT, a.k.a. Large-Scale NAT - LSN). Instead of giving your router a public IP address, they give your router a private IP address inside their network. Once again, connections to port 80/443 (or any other port for that matter) will never reach you. You can check if you are behind CGNAT by going to your router's settings and finding the public IP address, then going to https://whatsmyip.com/ and seeing if it is the same or different. (In theory, you should be able to tell that you have CGNAT if your router's IP address is between 100.64.0.0 - 100.127.255.255, but in practice some ISPs use other private network ranges too, such as 10.0.0.0 - 10.255.255.255.)
The reason Ngrok works for you is because Ngrok opens a tunnel from your computer to their cloud servers and sends the traffic through that tunnel.
DNS
You mentioned in the comments that you have the DNS set to resolve the private IP of your computer. That certainly will not allow users on the public internet to get to your site, because they cannot connect to your address.
However, you also mentioned in the comments that if you change the DNS to point to your public IP, it doesn't work from either inside or outside. This could mean your problem is one of the ISP issues described above. It could also mean that your router does not support Hairpin-NAT (a.k.a. NAT Reflection), which is how the router would be able to redirect local traffic back to the local server instead of trying to send it out over the internet.
Firewall
Your computer's firewall can look at the source IP address of the incoming traffic, and it might be set not to allow external access to your web server. DO NOT DISABLE YOUR FIREWALL to try to get around this. Instead, you need to add a specific exception to the firewall rules to allow the incoming traffic. How you do this will depend on your operating system.
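The CGNAT check described in the answer above, written out as an added example (not part of the original answer). The function name and the sample addresses are constructed for illustration; the two inputs are the WAN address shown in the router's settings and the address an external "what is my IP" page reports.

```python
import ipaddress

# 100.64.0.0/10 is the shared address space set aside for carrier-grade NAT;
# the other three are the RFC 1918 private blocks some ISPs use instead.
CGNAT_SHARED = ipaddress.ip_network("100.64.0.0/10")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(router_wan_ip, ip_seen_from_internet):
    """Return (verdict, explanation) for the router's WAN address compared
    with the address an external "what is my IP" page reports."""
    wan = ipaddress.ip_address(router_wan_ip)
    seen = ipaddress.ip_address(ip_seen_from_internet)
    if wan in CGNAT_SHARED:
        return ("cgnat", "WAN address is in 100.64.0.0/10; the ISP is "
                "translating it, so inbound connections never reach the router")
    if any(wan in net for net in RFC1918):
        return ("private-wan", "WAN address is RFC 1918 private; another NAT "
                "(the ISP's or an upstream modem/router) sits in front")
    if wan != seen:
        return ("mismatch", "WAN address is public but differs from the one "
                "the internet sees; something upstream is translating")
    return ("direct", "router holds the public address; port forwarding can "
            "work unless the ISP filters the port")


if __name__ == "__main__":
    # Constructed sample pairs using documentation address ranges.
    for wan, seen in [("100.72.14.9", "203.0.113.40"),
                      ("10.20.30.40", "203.0.113.40"),
                      ("198.51.100.23", "203.0.113.40"),
                      ("203.0.113.40", "203.0.113.40")]:
        verdict, why = classify_wan(wan, seen)
        print(f"{wan:>15} vs {seen}: {verdict} - {why}")
```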
I run a 2GB RAM Linode (Ubuntu) that hosts a few WordPress websites. Recently my server has been OOMing and crashing and I have been up all night trying to find out what's causing it. I have discovered that I get an enormous influx of traffic (a tiny DoS) that brings the whole thing down.
I have access logs set up across all of the virtual hosts and I am using tcptrack to monitor activity on the server.
The traffic appearing in my access logs does not account for the traffic I am seeing on tcptrack, i.e. there are a dozen IP addresses that are constantly opening and closing connections on the server, but are nowhere to be seen in the access logs for each virtual host.
Clearly it's because these IPs are not hitting the virtual hosts, but I have tried to set up access logs to monitor server-wide traffic so that I can see what requests they're making but I'm really struggling.
Can anyone please point me in the right direction, perhaps tcptrack is just too simplified to provide any meaningful insight?
Start using mod_security
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#Installation_for_Apache
Debian has it which means Ubuntu likely does as well. You should also make sure the kernel is set up properly, search Google for SYN_COOKIES. Look into iptables/shorewall etc. Shorewall is a package that wraps iptables. Iptables can be configured to detect floods and start dropping packets.
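One way to pin down the gap the question describes, as an added example that is not part of the original thread: list the remote addresses that hold TCP connections on the web ports but never appear in any access log. It assumes the connection list is the text output of `ss -tan` (rather than tcptrack) and that the log text is the virtual hosts' access logs concatenated in common/combined format; all sample data is constructed.

```python
from collections import Counter

# Constructed sample data using documentation address ranges, not real traffic.
SS_OUTPUT = """\
State     Recv-Q Send-Q Local Address:Port  Peer Address:Port
ESTAB     0      0      192.0.2.10:80       198.51.100.7:51514
SYN-RECV  0      0      192.0.2.10:80       203.0.113.50:40112
SYN-RECV  0      0      192.0.2.10:80       203.0.113.50:40113
TIME-WAIT 0      0      192.0.2.10:443      203.0.113.50:40090
ESTAB     0      0      192.0.2.10:80       203.0.113.51:33810
TIME-WAIT 0      0      192.0.2.10:80       203.0.113.51:33802
ESTAB     0      0      192.0.2.10:22       203.0.113.99:60022
"""
ACCESS_LOG = """\
198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512
198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "GET /about/ HTTP/1.1" 200 2048
"""


def peers_by_count(ss_text, web_ports=(80, 443)):
    """Count TCP connections per remote address on the web server's ports."""
    counts = Counter()
    for line in ss_text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] == "State":   # blank line or header row
            continue
        local_port = cols[3].rsplit(":", 1)[-1]
        if local_port.isdigit() and int(local_port) in web_ports:
            # Drop the peer's port; IPv6 peers are printed in brackets.
            counts[cols[4].rsplit(":", 1)[0].strip("[]")] += 1
    return counts


def logged_clients(log_text):
    """Client addresses: the first field of common/combined log format."""
    return {l.split(" ", 1)[0] for l in log_text.splitlines() if l.strip()}


def unlogged_peers(ss_text, log_text, min_conns=2):
    """Peers holding connections that never produced an access-log entry."""
    seen = logged_clients(log_text)
    return sorted((ip, n) for ip, n in peers_by_count(ss_text).items()
                  if n >= min_conns and ip not in seen)


if __name__ == "__main__":
    for ip, n in unlogged_peers(SS_OUTPUT, ACCESS_LOG):
        print(f"{ip}: {n} connections, no logged request")
```

Addresses this reports are candidates for the iptables or Shorewall rate limiting the answer mentions.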
I have several websites set up on my local XAMPP, and have recently set up virtual hosts so that they can be accessed from my machine using dev.website1.com, dev.website2.com etc.
To achieve this I had to edit my hosts file C:\Windows\System32\drivers\etc\hosts to ensure the name resolves to the correct IP address.
I would now like to make the sites accessible from other computers on the local network, but editing the hosts file for each machine manually seems to be a bad way of doing it, as it would quickly become unmanageable with several machines/addresses to keep on top of.
My question is: Is it possible to add a DNS record or similar to the domain server of our local network (SBS 2008-R2), so that machines on our network can access my websites without having to edit the hosts file on each machine?
Apologies if this is a noob question - I have tried to RTFM, but I am not a network specialist and can't really even be sure if what I'm reading is relevant to my problem, so I really need some help. Thanks.
If you want to use a made-up hostname, it either has to be in your hosts file or in DNS. It's obviously possible to add new subdomains or aliases (CNAME) that point to your existing IP/host to any DNS server -- it would seem to be a routine operation for your DNS administrator.
After a lot of research I eventually found out how to achieve what I want. I created a new forward lookup zone with the address dev.testsite.com, and then created a blank A record and set it to the IP address I wanted it to forward to. Anyone on my network can now type dev.testsite.com to see the local Apache server, or www.testsite.com to see the live version.
I'm sure there are also other ways of achieving this, but as far as I know this is the simplest.
I've set up a page and host it using bindings on ports 80 and 9988 for all incoming IPs. When testing locally on localhost:port it works for both the values but when accessing it remotely, only port 80 gives the desired result. The other one brings out connection time out.
First I thought it had to do with not recognized HTTP request so I added http:// before the IP number but that didn't make any difference.
I'm guessing that I need to alter web.config but I'm unclear why (and how). The only change from the vanilla state I've made was to allow for multiple site bindings (multipleSiteBindingsEnabled), believing that's enough. It's not, apparently. :)
Eventually, I'll be hosting the site on several different ports (none of which is the default 80, though).
What need I to do?
Firewall...
And since SO requires a minimum number of characters: check the settings of your firewall.
My experience is that when a connection isn't working but it should, you need to go "have-you-tried-turning-it-on-and-off-again" but web style: "have-you-checked-your-firewall-settings".
I have installed Apache 2.2 (and PHP/MySQL) on my personal computer so I can run PHP scripts without needing to upload them every time to my server for testing.
The Apache is working on port 80, i.e. I can view my script by going to http://127.0.0.1:80/index.php .
My question is if there is any danger by using the Apache that way, in the sense that now port 80 is listening. Can anyone use this situation to attack my computer?
Thanks,
Joel
Only if it's bound to external addresses (usually any other than 127.0.0.1). Check the Listen directive in the configuration.
You're probably behind a router which blocks access to your computer.
So, no one can attack your computer using port 80: even if the port would be accessible from the internet, Apache is a really sure software, if you don't run sensible code on it, you don't have to fear that someone exploits a leak in it.
You should keep your firewall on so that people from the "outside world" can't connect to port 80 and see your files. That is the safest way of protecting yourself.
You can also block non-local traffic in your Apache config file.
You could use this Apache config option to make sure no-one else can connect to your server:
Listen 127.0.0.1:80
(You should already have a Listen 80 defined)
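A quick way to carry out the "check the Listen directive" advice from the answers above, as an added example that is not part of the original thread: it reads Apache configuration text and reports which `Listen` lines bind only to loopback. The function names and the sample configuration are constructed, and `Include`d files are not followed.

```python
import ipaddress
import re

# Listen [IP-address:]portnumber [protocol]; IPv6 addresses are in brackets.
LISTEN_RE = re.compile(
    r"^\s*Listen\s+(?:(\[[^\]]+\]|[^\s:]+):)?(\d+)(?:\s+\S+)?\s*$",
    re.IGNORECASE)

# Constructed sample configuration, not taken from the page.
SAMPLE_CONF = """\
#Listen 12.34.56.78:80
Listen 80
Listen 127.0.0.1:8080
Listen [::1]:8080
Listen 192.168.1.20:8443 https
"""


def audit_listen(conf_text):
    """Return (address, port, loopback_only) for each active Listen line.
    A Listen with no address binds every interface and is reported as '*'."""
    findings = []
    for line in conf_text.splitlines():
        m = LISTEN_RE.match(line)   # commented-out lines start with '#': no match
        if not m:
            continue
        addr = (m.group(1) or "*").strip("[]")
        try:
            loopback = ipaddress.ip_address(addr).is_loopback
        except ValueError:          # '*' or anything that is not an IP literal
            loopback = False
        findings.append((addr, int(m.group(2)), loopback))
    return findings


def exposed(conf_text):
    """Listeners reachable from other machines unless a firewall blocks them."""
    return [(a, p) for a, p, loopback in audit_listen(conf_text) if not loopback]


if __name__ == "__main__":
    for addr, port, loopback in audit_listen(SAMPLE_CONF):
        print(f"{addr}:{port} -> {'loopback only' if loopback else 'all/external'}")
```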
The best way is to have a good firewall. Even though your router has a firewall. Still you won't be 100% safe because even the White House computers got hacked once and same with Sony!
HUGE COMPANIES WITH EXPENSIVE FIREWALLS!!!!!
But IIS forbids access to upper directories. Microsoft patched it so visitors can even get out of the SUBDOMAIN FILE IN THE WWWROOT FOLDER.
EX: WWWROOT/Subdomain/
^^^ == NO EXIT