Hello!!! <3
So i’m trying to host my own lil website server! I already got httpd on my fedora (GNU/Linux) device, forwarded the 80 port to my router and - TADA I can access my simple index.html site from anywhere now via the IPv4 address! I even tried it on my phone at work, and I was able to reach my home server!
I have now purchased some nice domain smorty.dev rather cheaply on porkbun but - as you may find out when clicking on the link - it doesn’t forward to my server yet ;(
I have already setup the A address record thingy on porkbun, which can even be verified by running ping smorty.dev in the terminal, as it retrieves the current IPv4 address of my router
CODE BLOCK
maria@fedora:~$ ping smorty.dev
PING smorty.dev (79.241.82.75) 56(84) bytes of data.
64 bytes from www.smorty.dev (79.241.82.75): icmp_seq=1 ttl=63 time=8.35 ms
64 bytes from www.smorty.dev (79.241.82.75): icmp_seq=2 ttl=63 time=6.53 ms
64 bytes from www.smorty.dev (79.241.82.75): icmp_seq=3 ttl=63 time=5.94 ms
^C
--- smorty.dev ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 5.937/6.937/8.345/1.024 ms
I searched online and found some people talking about a Windows HOSTS file, so I found the equivalent for GNU/Linux, which is /etc/hosts and that file now looks like this
CODE BLOCK
maria@fedora:~$ cat /etc/hosts
# Loopback entries; do not change.
# For historical reasons, localhost precedes localhost.localdomain:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
# See hosts(5) for proper format and other examples:
# 192.168.1.10 foo.example.org foo
# 192.168.1.13 bar.example.org bar
79.241.82.75 www.smorty.dev
127.0.0.1 www.smorty.dev
Soooo there is clearly a connection there, but the actual forwarding in the browser to my website doesn’t seem to work ;(
I am *somewhat sure I exported this correctly…
IMAGE OF ROUTER INTERFACE
EDIT: I completely forgot to mention what the address records look like… and maybe they are kinda important for my problem sooo here they are!
SCREENSHOT FROM ADDRESS RECORDS
if someone here could share some advice maybe - that would be super great :)
Is your web server set up to use a domain? Like if you’re using Apache vhosts or anything, I’m pretty sure you need to configure your domain in there too, and then restart the web server.
As others have said, close port 80. I actually stopped exposing ports a while back. I just configured always on vpn on my phone instead. Much more secure.
Unless you’re using outdated server software, there’s nothing inherently insecure with exposing ports to the Internet. Be it port 80 or 443. Just keep everything up to date and maybe add fail2ban to stop people poking around.
There is always a risk. Nothing is 100% secure. It’s low but the risk is there. Noobies also make configuration mistakes which can impact security severely.
Don’t forget about heart bleed, the openssl vulnerability that went undetected for years.
My home shit is also not funded by a Corp with all kinds of fancy threat detection and prevention stuff. I don’t have the time or desire to deal with it, nor do I need to serve other users, only my own needs. Therefore vpn is more secure.