anyone run a webserver off their own personal PC at home?

[AmigaMan]

Just curious if anyone did. I'm thinking about doing that, but I'm a little unsure what I need to do. I know I need to put my PC in the DMZ of my router. I'll have to have Apache or some sort of web server installed. What about DNS and domains? I'm on a dynamic IP address, should i get a static one? How do I do the who DNS thing with my domain?

HELP!

 

[mugs]

I've only used one for development purposes, never for people to actually access it externally. If the domain/hostname people use to access it is not important, then you could use this: http://www.dyndns.org/. That works with dynamic IPs I think.

 

[Malak]

I only used one to show off pictures, but there are enough free pic hosts out there now that I don't need to anymore.

 

[FrustratedUser]

Reminds me of the thread I started... need to finish setting it up.

 

[Modeps]

Check the TOS and AUP from your provider.

 

[Nothinman]

I do, mainly for my own webmail but lately I've just been using IMAP in SSH tunneling and not using the webserver.

 

[FrustratedUser]

Originally posted by: Modeps
Check the TOS and AUP from your provider.

Yup, they will most likely block port 80.

 

[MSCoder610]

Like someone said, I'd just recommend DynDNS. You can also download clients for it, that update your IP with them whenever it changes, so you don't have to worry about it.

 

[randomlinh]

you do NOT need to put your pc on DMZ. install apache, set it up to use a different port than 80 in case your ISP blocks it... and sign up for DynDNS or similar

 

[JackMDS]

May be this can Help.

Link to: Connecting through the Internet to a private Network.

Link to: Simple Serving.

:sun:

 

[kamper]

Originally posted by: lnguyen
you do NOT need to put your pc on DMZ.

Wow. It took 8 posts for someone to pick up on that one. Bad idea :thumbsdown:

 

[AmigaMan]

thanks everyone for the responses. I'd never heard of dyndns before, gotta take a look at it. And thanks JackMDS for the links. I have earthlink cable and I chatted online with them and they said it was ok for me to have a server running off my home PC. They tried to sell me a static ip upgrade too, but I think I'll look at dyndns first.

 

[Mellman]

wow consider yourself lucky for them letting you run a server at home, but don't be surprised if you are getin lots of action and they call and b!tch at you. Most ISP's have it in their contract that you are not allowed to run a server of any kind (web, ftp, game etc) But doing this is easy, you should just need to forward port 80 or 8080 to your computer, and thats it.


Definetly reccomend apache!

 

[AmigaMan]

<sarcasm>
nah, I think I'm gonna run an unpatched version of IIS. What could happen?
</sarcasm>
I plan on running Apache 2.something. Anyone know of any Apache/Windows hardening guides? I may even put up a linux distro (Suse or something) and run Apache off it. It'd be a good learning experience.

 

[drag]

I've setup webservers, signed up with dyndns.org and put it on a different port because my ISP blocks port 80. Even linked to it from here, I don't have anything running currently, though.

If they complain, I'll just tell them to f-off and get a different ISP. Not a big deal. There are ones that encourage things like that. Speakeasy comes to mind.


For hardenning you don't have to do a whole lot. Put it behind a firewall router, only forward ports you need. (port 80 for http traffic generally).

Only run the services you need. Don't log into the server thru telnet or ftp from the internet if you have that setup due to the fact that they transmit passwords in plaintext. If you have lots of stuff you need to access on your server use a VPN.

basicly the idea is only have running what you need. Less stuff there is, the less stuff there is to mess up.

Make sure that you have a way to keep up to date. This is critical. I prefer to use apt-get.

security resources

 

[AmigaMan]

Originally posted by: drag
I've setup webservers, signed up with dyndns.org and put it on a different port because my ISP blocks port 80. Even linked to it from here, I don't have anything running currently, though.

If they complain, I'll just tell them to f-off and get a different ISP. Not a big deal. There are ones that encourage things like that. Speakeasy comes to mind.


For hardenning you don't have to do a whole lot. Put it behind a firewall router, only forward ports you need. (port 80 for http traffic generally).

Only run the services you need. Don't log into the server thru telnet or ftp from the internet if you have that setup due to the fact that they transmit passwords in plaintext. If you have lots of stuff you need to access on your server use a VPN.

basicly the idea is only have running what you need. Less stuff there is, the less stuff there is to mess up.

Make sure that you have a way to keep up to date. This is critical. I prefer to use apt-get.

security resources

Thanks. I went out on google and found a couple other sites for hardening:
Listing of tools to test security
and
Except from the book "Hardening Apache"

 

[AdamSnow]

I ran a website from my personal PC once... I didnt like the fact that it was my actual PC... so I eventually bought another box to host it on...

 

[hopejr]

I do it just for fun on my Win2k3 box using IIS 6. I did have linux on it at one stage using Apache. I also have a webserver running off my iBook, also using Apache.

 

[Zugzwang152]

i wouldn't put it on the dmz, simply forward port 80 on your router to the ip of your box. typically ISP's have clauses against running server-type applications on your computer, as well. I know my Road Runner does, but they typically do not mind as long as you don't use excessive bandwidth.