[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: port 80 filtered



* Joe Hu (joehu@yahoo.com) [010911 08:46]:
> Recently I found out that port 80 of my cable-modem-enabled debian box is
> filtered by my broadband provider. Nap shows the following:
> 
> 80    filtered    top    http
> 
> I cannot connect to my apache server using default port 80, although other
> ports, like 8080 works. I wonder if there's any way to make port 80 open to
> the outside.

Not through your ISP's lines. Either convince them to open port 80 for
you (and send me slides of your snowboard trip with the devil if you get
this done) or you could tunnel it elsewhere. A better idea sounds like
to admit defeat (and acceptance of @home's "no servers" policy) and host
it somewhere else...

If it's a server you want other people accessing, this will probably
give you better performance and security anyway, but will have the
downside of requiring you to pay, either with money or by making your
visitors view ads or some such thing.

If it's just a "convenience" server for yourself, you're better off just
using a non-standard (other than 80) port.

What I meant about a tunnel earlier is a setup like this:

apache on your machine listening on 8080

A tunnel listening on another machine (outside of your ISP - a
friend on a more liberal ISP or something) that forwards all traffic on
port 80 to your machine's 8080. The disadvantages are
-> performance
-> added complexity
-> added points of failure
-> your apache logs will be filled with requests from the tunnel machine.
-> possibly other issues dealing with cookies, session-enabled web
   applications, etc.

To get around those last 2 points you could make use of IP-level redirection
rather than socket redirection, but the first 3 points still stand. I
doubt that it's worth it; just host it elsewhere or on a different port,
depending on your needs.

HTH

-- 
Vineet                                   http://www.anti-dmca.org
Unauthorized use of this .sig may constitute violation of US law.
echo Qba\'g gernq ba zr\!             |tr 'a-zA-Z' 'n-za-mN-ZA-M'

Attachment: pgpVijufa6dYo.pgp
Description: PGP signature


Reply to: