homepage Welcome to WebmasterWorld Guest from 54.205.189.156
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
nobody can connect?
scholzie




msg:1505210
 11:44 am on Jan 10, 2006 (gmt 0)

Hi,

I am trying to get a web server setup with PHP and MSSQL both PHP and MSSQL work I have tested them, all is working on my computer just fine,

Im useing,
Windows XP Pro
Apache 2.0
PHP 5.0.4
Microsoft SQL Server 2000

nobody on the net can acess my site but I can view it on my computer obviously because its running from my computer but ive been trying for ages now and I just cant figer out why it is not working, its obviously something with them being able to connect to it so maybe it is something that needs adding, changeing? I really dont no, someone said if i can view it that it means apache is setup correctly and they also said that something must be blocking it but what? its not my firewalls because ive tryed with them off and people still cant access it :(

thoughts, ideas?

Thanks

 

coopster




msg:1505211
 2:18 pm on Jan 10, 2006 (gmt 0)

Welcome to WebmasterWorld, scholzie.

How are they trying to connect? I mean, what are they typing into their browser's address bar?

scholzie




msg:1505212
 2:27 pm on Jan 10, 2006 (gmt 0)

sorry i removed them now and [nnn.nnn.nnn...] does work without haveing it on listen but still other people cant view it

[edited by: scholzie at 2:42 pm (utc) on Jan. 10, 2006]

coopster




msg:1505213
 2:34 pm on Jan 10, 2006 (gmt 0)

OK, you might want to edit your messages there and obfuscate that public IP address as WebmasterWorld doesn't allow specifics. Change it to something like 'http://nnn.nnn.nnn.nnn/home.htm' and explain that the 'nnn' portion represents a public ip address.

Now, the first question is, do you have a static IP address assigned to you by your ISP and if so, does the 'nnn' number represent that address?

scholzie




msg:1505214
 2:43 pm on Jan 10, 2006 (gmt 0)

yes I have a static IP and yes it does

coopster




msg:1505215
 2:52 pm on Jan 10, 2006 (gmt 0)

And are your folks not connecting at all or are they getting any form of response from your server? I already know the answer to this one as I hit the IP before you removed it ;) I received a 404 Not Found error.

So, let's analyze the situation. You are able to retrieve pages from your server by typing what in your browser? 'http://localhost/home.htm'? And if your public users try 'http://nnn.nnn.nnn.nnn/home.htm' they are served a 404. So, if you look in your Apache access_log you are probably showing the 404 error when they hit your server, correct? You should indeed see that error there, as well as the ip address they are attempting to connect from. You should confirm this first...

scholzie




msg:1505216
 2:59 pm on Jan 10, 2006 (gmt 0)

yes i am so,

192.168.0.2 - - [08/Jan/2006:21:50:41 -0800] "GET /favicon.ico HTTP/1.1" 404 304
127.0.0.1 - - [10/Jan/2006:06:25:40 -0800] "GET /home.htm HTTP/1.1" 304 -
127.0.0.1 - - [10/Jan/2006:06:25:41 -0800] "GET /favicon.ico HTTP/1.1" 404 293

think the 127 ones you? they are the 404's I think does it not show peoples IPs correctly because there are no other correct IPs apart from mine they look like the ones above.

hmm they all seem to be 404 when I tryed to connect to it useing the IP just now it says the connection was refused when attempting to connect (thats with firefox) still works with localhost for me, and my friend just tryed to acess it and he says it said page cannot be display, strange :(

scholzie




msg:1505217
 3:22 pm on Jan 10, 2006 (gmt 0)

[nnn.nnn.nnn...] for me in IE says page cannot be displayed says that for my friend also, but [localhost...] works for me strange [nnn.nnn.nnn...] was working for me before not them though, but now its not working for me either just localhost

coopster




msg:1505218
 5:18 pm on Jan 10, 2006 (gmt 0)

Well, those IP address are all private IP addresses so unless something in between the public and your server is handling requests, those 404's aren't from me. But I am indeed receiving 404 errors. Here are the Response Headers being received in a browser:
Date: Tue, 10 Jan 2006 17:10:51 GMT 
Content-Length: 326
Content-Type: text/html
Server: NetCache appliance (NetApp/5.5R6D38)
403 Forbidden

Basically, once you have your server setup and running you need to get it to a point where people outside of your LAN can access it. If you are running a firewall, this is typically setup in the DMZ setting of your firewall.

scholzie




msg:1505219
 8:53 pm on Jan 10, 2006 (gmt 0)

DMZ setting of firewall? ive tryed it with both my firewalls off win xp one and personal one and people still cant connect this is what lead me to posting here I dont have a clue whats wrong and ive spent 3 days trying to figer it out still with no luck :(

scholzie




msg:1505220
 4:20 am on Jan 12, 2006 (gmt 0)

"bump"

jdMorgan




msg:1505221
 1:34 pm on Jan 12, 2006 (gmt 0)

The term "firewall" usually applies to a hardware firewall or router, connected between your modem and the local area network made up of your PCs.

Your router must be told to 'map' the public IP address of your modem onto an IP address inside your local area network for requests on port 80 (HTTP) and perhaps for ports 443 (SSL) and others, (FTP, SMTP, etc.)

Addresses used on local area networks are not routable on the internet, and your 'server' PC won't recognize the IP address used to send data from the internet to your modem, so the router/firewall must be configured to 'forward' requests sent to your modem's IP address on port 80 to port 80 of your PC's IP address.

I hope that helps. There are a million things that can go wrong, so if no-one here correctly guesses the problem, I suggest that you spend the time researching rather than waiting for a miracle here. Your modem and router manufacturers' web sites are good places to look for information on port forwarding, DMZ configuration, and other subjects already touched on here. Example [kbserver.netgear.com].

Note: If you do not have a firewall router, then buy one. Your chances of avoiding exploits with your server connected to the internet for more than 24 hours without a firewall are about 20%. You will get your first exploit attempt, on average, about 17 seconds after connecting your server to the internet.

Jim

scholzie




msg:1505222
 9:12 am on Jan 13, 2006 (gmt 0)

you just confused me jim! It still does't work even if I turn all my firewalls off... and i dont have a router. my computer connects to the internet via a box witch is connected to my computer via USB and my other computer is networked to this computer useing a crossover.

jdMorgan




msg:1505223
 4:39 pm on Jan 13, 2006 (gmt 0)

> internet via a box witch is connected to my computer via USB.

Then this 'box' is what you need to investigate. It may not even be capable of delivering ('port forwarding') inbound requests to your server. Or your ISP may block inbound requests as network management policy (many do, since running a server upsets the balance of incoming versus outgoing traffic that their networks are designed to support). Download the user's manual for this 'box', read through it, and see if it discusses running a server behind it. If not, contact the manufacturer's tech support.

A friendly warning: As soon as you get this working, shut down the server and start shopping for a hardware firewall. Software firewalls have inherent limitations* that make them unsuitable for use with a server, and unless you are a server security expert, you will expose your LAN computers to the full onslaught of exploit attempts directed against IP addresses that support inbound connections. If this is just a 'fun' experiment, and you can afford to lose (have stolen) all files on all computers, and won't mind re-formatting the hard drives, then don't worry about it. But take this risk seriously. You'll have malicious agents making requests within seconds of enabling your server.

Just for reference, on my IP address, between the time I logged off last night and logged back on this morning, my firewall recorded 93 intrusion attempts -- and I don't even run a server on it.

* The most striking is that before a software firewall can even begin to work, a inbound connection will already have been made to your computer. This is essentially letting anyone into your house before identifying which are good and which are criminals. Some of the worst problems are simply denial of service attacks, where the criminals are not violent, and don't steal much, but there are simply so many of them going in and out of your door that they jam up your doorway, and not even your friends can enter.

If you have access to a computer outside your network, try using 'Ping' to send test packets to your computer's public IP address and to your domain name. This will tell you whether your 'box' will accept any incoming connections, and whether your DNS is properly configured.

Jim

scholzie




msg:1505224
 10:06 am on Jan 15, 2006 (gmt 0)

i can port forward as i run a game server and it works fine just this does'nt.

coopster




msg:1505225
 8:07 pm on Jan 17, 2006 (gmt 0)

You typically don't want to use the port forward feature of the router for hosting an HTTP server, especially if your router has a DMZ Host option. With many routers you must disable the router's DHCP function to utilize port forwarding on port 80.

Much safer to just use the DMZ Host feature of your router.

LeChuck




msg:1505226
 10:14 pm on Jan 17, 2006 (gmt 0)

There are very good reasons why even skilled admins often choose to go either with shared hosting or colocation for webservers. Less hassle, less risk. Let someone else worry.

I wouldn't like having my home LAN compromised just to save $10 in hosting fees. There are numerous security implications beyond simply being hacked that come from hosting your sites on your home connection.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved