I have Xampp on a server and am able to access it from inside my local network, I have 3 vpns to other rooftops that can ping the server just fine, but can't get xampp to allow them to pull up a web page on the server outside the local network.
found this on the web, works for local but not the vpns:
Allow from ::1 127.0.0.0/8 x.x.x.0/8\
fc00::/7 10.0.0.0/8 172.16.0.0/12 x.x.0.0/16\
fe80::/10 169.254.0.0/16
how do you allow access to a webpage through your vpns and not screw up security with 'Allow from all'?
If you dont want to whitelist all connections you will have to set up 3 rules.
If it works for the local network it should work for VPNs either. So i guess you have a problem by detecting the correct ips for the vpns.
They depend on which kind of VPN you are using:
If it is a End-to-End VPN you should know the VPN Net ip and subnet mask. You can look for it in the vpn adapters settings.
If it is a Site-to-End VPN there should be no problem as the clients are a part of the local network.
If it is a site-to-site VPN and there are no forwarding rules active you also wouldnt have a problem. Unless the ip addresses overlap.
If you are working with forwarding it will be very hard to handle the different ip ranges. So consider using a simple vpn.
I hope i got your question right and it may help someone:)
Related
Is there any way for me to connect to a VPN without having it use my DNS? My internet provider where im connected can only use the DNS to connect to a separate server, which then connects to the internet as the router only interacts with that server, so if I change my DNS, my connection instantly stops working.
Is there any service that connects to a server without DNS as a VPN, or even some way to set up a proxy to go to another server after it interacts with my DNS?
Tried Changing DNS, no connection using cloudflare or google DNS servers (1.1.1.1, 8.8.8.8), Hotspot Shield VPN wouldn't connect, VPN from my home network wouldn't connect.
So, your ISP allows DNS traffic only to its server. And you want to by-pass this limitation.
Solution 1: SSH Proxy
ssh -D 5000 user#host
Now, you can set your applications to use proxy on socks5://localhost:5000
You must set "Proxy DNS on socks5"
This proxy goes throught the SSH server
Of course you need SSH server somewhere to connect to.
Solution 2: DNS over HTTPS
https://en.wikipedia.org/wiki/DNS_over_HTTPS
https://manpages.ubuntu.com/manpages/bionic/man1/dnss.1.html
It should work because your DNS packages go as HTTPS packages.
Solution 3: VPN or other services like nordvpn
It should work also since packages go encrypted to the VPN.
Actually, VPN should work without your ISP DNS as long as you connect to the VPN IP address instead the hostname.
Finally
Solution 2 seems to be the only one you are able to perform without external services.
I have a piece of code where an external API needs to access my "www" folder for images. When I load the url, "http://localhost:8001/images/1.jpg" from the browser, it does show the image. But when I access it through the code it says, "connection refused". I have turned off the firewall as well. I also tried using the IP address instead of the "localhost".That doesn't work either. Please help.
Remember the domain name localhost has a special meaning. It always means this PC, or more accurately this network cards loopback address.
I cannot access your PC from here using the domain name localhost, as it will always be looped back to my PC.
If you want an external site to make a call to your PC then there are a number of things you will have to do.
Buy yourself an domain name, you either buy a real one or use a Dynamic DNS service like dyndns.com or or noip.com
Or you use your routers WAN ip address.
Then you must amend the httpd.conf file so that Apache allows access
from all ipaddress's
Then you must Port Forward your Router so the the NAT firewall allows
external accesses on port 80 to be forwarded to the internal PC
running Apache, and only that PC.
And possibly amend your software firewall on the Apache PC to allow access from external sources on port 80
Ive been searching around the internet and I cannot not find the answer to why wampserver is only running on localhost. I have pressed Put Online and I still do not know why it is only running offline. Not sure if it is my wampserver setup or my router blocking me, so any help would be great.
To access your server from the internet you need to do a number of things not specifically related to WAMPServer.
First you need to port forward your router, this allows un-solicited traffic on port 80 throught the NAT router firewall protection, into your network where normally for security reasons it is not allowed in. This opens the port and makes sure that all traffic on port 80 of yor router is directed to the PC running WAMPServer i.e. Apache. So you will need to make sure that the PC running Apache has a STATIC ip address and is not being allowctae an IP by the routers DHCP server.
This site can be very helpful with learning how to do that
Once that is done you may also need to configure your software firewall running on the PC that has Apache on it to allow traffic on port 80 into the PC. Although you may have allowed this already when you first ran Wampserver after it was installed.
When you use the WAMPManagers Put Online and Put Offline that changes the Apache config (httpd.conf) and should change
# onlineoffline tag - don't remove
Require local
which tells apache to only allow connections from the PC running Apache
To
# onlineoffline tag - don't remove
Require all granted
which tells Apache that it is allowed to action connections from any ip address in the world
1) Check you firewall setting 80 port enable
2) Check anti virus Blocking
3) c:\wamp\bin\apache\Apache2.2.11\conf\httpd.conf
Order Deny,Allow
Deny from none
Allow from all
I have set up a FTP server with Apache FTP server on local machine, this machine can access internet but its IP address cannot be accessed externally.
I also have another machine in a different city - it can access the internet but it is same in that its IP address cannot be accessed externally. The two computers are not on the same network so they are unable ping each other.
How I can use FTP client from another machine to access the FTP server, I know it should be impossible but do you guys have any workarounds (whatever code change or other approaches)
I am in the US - do you guys have idea how I can make my home IP publicly accessible?
it is very possible if you control the firewall that the server is behind. this is standard network configuration, and you can find hundreds of tutorials online, but the most important bit of information is the firewall, not the ftp server. you configure port forwarding on your firewall to forward incoming ftp requests to your internal ftp server. also, you will want to use "passive" ftp from the client because the client is also behind a firewall.
I tried putting my IP from whatismyip.com in the urlbase of Bugzilla but it did not work. I wasn't able to create a new account for my team mate, and he wasnt able to access the server by typing the my ip address in his browse. And surely, when I connect again, my IP address will change. Do we have to buy a www address to host Bugzilla?
You can setup a dynamic dns service, for example via http://www.dyndns.com or http://www.no-ip.com or http://freedns.afraid.org to solve the changing ip problem without buying a domain (or buying a domain as well, but it's not a requirement).
But the real problem is that your team mate cannot access the server via the current IP address which points to either a misconfiguration of the webserver (listening only on localhost?), to a firewall in between, or most likely, that port forwarding isn't set up in your router for requests coming to your external IP address to be forwarded to the machine where you have Bugzilla set up. Additionally, you must set the urlbase to your local IP address, not to the external IP address, as blak3r says.
Check http://www.portforward.com for instructions on how to do port forwarding. But don't forget that everything mentioned has to be working:
Web server listening to outside requests: This can be tested from the same internal network via the local network IP address (what you see typing in a command line console ipconfig in Windows and ifconfig in Linux). If you can connect from a different machine on the same network via the local IP address, this is solved.
Firewalls (in router and the webserver machine) accepting connections to the web server port: For firewalls in the web server, the same test as above covers it.
Port forwarding so the router forwards the requests received on the web server port to the web server machine: This gets tested in the same way as firewalls in the router, that is, you must have your friend (or yourself from the house of your friend) try to connect to the dyn dns name set up or to the external IP as reported by whatsmyip.org.
This is all assuming your test mate is not on your same network, if he is, just using the local IP address (shown via ipconfig or ifconfig) instead of the external IP address and making sure the first step is covered (web server listening to outside requests) should be enough and nothing else is needed!
You most likely do not have your port 80 forwarded to your machine which is the reason he cannot connect when using the IP that was returned from whatismyip.com.
Assuming you're on a windows box... do
Start->Run->cmd then type
ipconfig
If your address starts with 192...* or 10...* this is your Local Area Network (LAN) IP. If this is the case, then your isp provided you with a router. Look for a setting called port forwarding or "application setting" which allows you to forward all incoming traffic on your router to a particular IP address. Go into your router's configuration settings and make sure port 80 (and maybe 443 if you're using ssl are forwarded to your local ip).
The other problem you mentioned is you do not have a static IP. This is a common problem and no you do not need to buy an address. There are several sites which can provide you a free dynamic dns host. Try no-ip.org.