I installed a dedicated server at home which works fine. I host several services like mysql, apache, websocket, etc... The problem: people who go to my website will know my personal ip address. I hidded my ip under a type A DNS but there is no problem for people to get my real ip.
So how can i fully hide my ip address. Are there some services that provide this? Proxy? Vpn?
This is a tricky question. You cannot truly hide the public-facing IP address of a server if you intend it to be accessed by the public, because they need the IP to route to you.
If you use a public proxy, that proxy will have to know your real IP.
If you use a private proxy, then anyone who wants to visit your site will need to know the IP address of the proxy server, which is probably also owned by you.
If you expose all the services only on the internal network, then you can VPN into your home network to get your services, but then nobody else be able to use your services. Also, the VPN server's IP address will need to be public to anyone you want to give access to.
Related
I am struggeling to connect to my home server that is connected via a Fritzbox router to the internet. I want to connect to the home server from outside of the home net, as it serves as a NAS and provides HTTP(S) services.
The problem is, that I don't understand how to connect to the server over the internet. My Fritzbox is connected to my internet provider via DS-Lite internet connection. As far as I understood, this means that my Fritzbox has no public IPv4 address and therefore the server is not reachable.
Is it still somehow possible to connect to the server?
Reading your question, I can see that there are multiple steps to solve this.
figure out if your internet provider allows you to have incoming connections
I do not know, what a ds lite connection is. Depending on your connection type, e.g. glass fibre, dsl, mobile and your provider incoming connections might be allowed or not. Also specific ports might be forbidden.
Enable port forwarding for incoming connections to your lan server.
Your fritzbox does not know, where to route the incoming connection to.
Make your lan server ip address static. Go to your fritzbox admin page and create a port forwarding rule and map data incoming on port 80(HTTP) and 443(HTTPS) to the lan server ip address.
You can read further here: https://en.wikipedia.org/wiki/Port_forwarding
Figure out the fritzbox's public ip address by checking out this website from within your lan. https://whatismyipaddress.com/
Connect to your server via http(s)://publicip
setup dynamic dns to have a public domain, which you can use instead of the ip address.
Usually private customer internet connections use dynamic ip addresses. So your ip address changes regularly. This is annoying, because you need to lookup the ip address before you can connect again. To avoid this issue, you can use a dynamic dns provider to give you a domain name, which you can use instead of the public ip address. Your fritzbox should have this kind of functionality already. If not, you can also configure it on your server with a cron job.
You can read further here: https://en.wikipedia.org/wiki/Dynamic_DNS
This provider is easy to use and for free: https://freedns.afraid.org/
use the dynamic dns domain name instead othe public to access your server from anywhere
Be aware, that having open connections to your local network gives attack surface from the public internet. So people might steal or delete data on your server or abuse it in other ways.
I'm developing an integration with an API which requires to whitelist customers based on IP addresses. I can easily get outbound IP from Production environments such as Azure or AWS and get those whitelisted.
How can I configure it for my desktop whose public IP keeps on changing after every few hours?
Getting a fixed IP address for your home computer is dependant on your internet provider. Sometimes they offer fixed IPs for 'Business' customers only or such.
Another solution might be to stand up an OpenVPN instance in your cloud then only whitelist that IP address and your expected partner prod addresses. Then you just connect to your VPN to access your API, you can do this from anywhere as your only dependant on the IP address of the cloud OpenVPN instance.
This solution also scales with your development as you only need to add new OpenVPN users to let other developers work with you and don't need their ever changing IP addresses.
I found an easy solution from NordVPN. It has an option to get a dedicated IP VPN :)
I've set up a local site using http-server. I can access the site locally on my computer as: http://localhost:8080/myreport.html
Now I need to allow others to access the site on my machine. I provided the address to a coworker with my ip as http://192.168.56.2:8080/myreport.html but he was not able to access the site.
I checked the http-server site but was not able to find info on how to make a hosted site publicly accessible. Any idea what I might be missing here?
1/ localhost is the local domain of your computer. If you convert it, you will find 127.0.0.1.
2/ 192.168.56.2 is your private ip address. I invite you to read the wikipedia of the Private network definition.
3/ To allow access to your website, you need to know your public ip address and you need to OPEN the 80 port of your ISP.
3bis/ If your coworker is connect at your private network but he can't connect to you website with the private ip address, look if your firewall doesn't block the connections.
PS: Your question would be more relevant in the Super User community
Try this Looks like you must have a dynamic IP, so you can't access it.
We created a subdomain for a website hosted in our internal server. In GoDaddy we set up the subdomain to point to the public IP address, but when we try to access the link internally it doesn't load (because it needs the internal IP to access it) What can be done in this case?
You obviously need to provide different information to internal DNS clients than those publicly available to the world. For that you need to have internal DNS server or DNS proxy that will respond with internal IP address, and your internal clients need to be configured to use that internal DNS server. Specific steps to achieve all this depend on your environment.
The other option is to create another DNS record (for example subdomain-internal.example.com) that will point to private IP address, and use that from internal network (of course, you might need to configure your webserver to respond to that hostname also)
i want to do something like broadcasting my application over internet using my ip.
I have a static IP say a.b.c.d and want to deploy some application say a war file in tomcat on port 8080 so that some remote friend of mine who is not on network can access it over internet using http://a.b.c.d:8080 in browser. i have windows vista/XP installed on my system.
thanks, hope i made the question clear i am still confused with it :(
If you truly have a static IP, and your computer is not behind a NAT box or firewall, then if a.b.c.d is that static address, what you've described will simply work. If you do have a firewall, you have to add an exception to allow requests in. If you've got a NAT box, which you would use to share that static IP among computers, then you need to set the NAT box up to forward requests on that one port to your computer. FInally, if you want a.b.c.d to be a name, rather than numbers, then you need to register a domain name with a registrar like GoDaddy.com and pay some money.
You can use dyndns and set up a domain for your friend to access. www.dyndns.com
Dynamic DNS service allows you to point a hostname to a dynamic or static IP address or URL.