We have created self-hosted services using OWIN. They are working fine inside the server and we can request and retrieve information using the http://localhost. We use a different port for each service so that we can go and get certain information from http://localhost:8001, other from http://localhost:8015 and so on.
Now, we need to expose the results of one of those self-hosted services to access to it through internet. We'd like to provide a custom address such http://ourpublicinfo.mydomain.com:8001 or using the server ip such http://209.111.145.73:8001.
Is that possible?
How can we implement it?
Our server OS is Windows Server 2012 R2
OWIN Self-Hosted apps can run on a Windows Service, as a Console process and, with if desired, as part of a more robust Host like IIS.
Since you mention your app is running as a service you're probably missing all the GUI goodies IIS provides. In reality however, IIS works on top of http.sys, just as HttpListener does (which is probably what you're using to self-host your app) 1. You just need to do some manual set up yourself:
First of all, you need to make a URL reservation in order to publish on a nonstandard port.
Why would you do that? Quite simply because you're not running under localhost alone anymore on your very own local machine, where you probably are an admin and/or have special privileges/powers.
Since this is a server, and the user used for running the Service might not be an admin (most probably), then you need to give permission to that user to use that URL... and here is where URL reservations come into scene.
You pretty much have to options:
open up the URL to be used by any user:
netsh http add urlacl url=http://209.111.145.73:8001/ user="everyone" listen=yes
or open up the URL to be used by the user(s) running the service, e.g.: NETWORK SERVICE:
netsh http add urlacl url=http://209.111.145.73:8001/ user="NETWORK SERVICE" listen=yes
There is a way to make the reservation for several users too, using sddl, user groups, etc... but I'll not get into it (you can look that up).
Second of all, you need to open up a hall through your firewall (if you don't have one on this day and age, I pity you!)
There are plenty of tutorials on this. You can use a GUI, netsh.exe and what not.
Pretty much all you need to do is make sure you allow incoming connections through that port and that should do the trick.
To make sure the hall is open through and through you can use a tool like http://www.yougetsignal.com/tools/open-ports/ and insert 209.111.145.73 in the Remote Address and 8001 in the Port Number.
If for some reason it shows that the port is closed, even after creating an incoming rule in your firewall for it, then you probably have one or more firewalls in between your server and the outside world.
With those to elements in place you should be able to access your Self-Hosted Service from the outside.
As for accessing your service through an address like http://ourpublicinfo.mydomain.com:8001, you'll need to create a DNS entry somewhere, most likely on your Domain Registrar for mydomain.com, where you could create an A Record for your ourpublicinfo subdomain pointing to 209.111.145.73.
From this point on, you should be able to access your service through direct IP and Port or through the afore mentioned URL.
Best of luck!
Note:
If your service will be access from other domains, you might need to make sure you have CORS (Cross Origen Resourece Sharing) well defined and working on your service too ;)
Related
I have developed Yii2 CRUD application using models, controllers and views. It is used locally on PC. I wanted the users to use it online.
For eg. I have www.example.com and I wanted to make this yii2 CRUD application available on this site. What are the steps?
Your question is not very specific, therefore you haven't received an answer. I'm assuming you are asking about how to use your local PC as the server for an online site. Otherwise please clarify your question.
You will need to do the following steps:
Point the domain name to the public IP address behind which your local PC is sitting. You can find that by going here: http://whatismyipaddress.com/
In your router you need to set up port forwarding (NAT rules) for port 80 (or 443 if using https) to your computer's local IP address.
Depending on your Apache configuration (or whatever webserver you are using) you need to ensure it serves the right website. This is too broad a subject that I can give you any details here.
Note that you are now opening up your local computer to the Internet and hence you should be aware of the security implications it has.
How can i host a website through my computer using server softwares?
I tried to host a website through my own computer using apache tomcat server but it didnt work ( please briefly explain every point )
The main issue that you need to deal with is getting the clients to your computer.
Yes, it is possible and yes I have done it, albeit a while ago.
You need to see if you can browse to your computers website from another device on your network, this will ensure that apache is working. Try another computer/laptop/tablet/whatever to see if this site reachable by other computers using the IP Address and possibly port number. If you cannot get to the site, there are settings in apache to deny certain ip's, google it to get the exact steps for your version. If it works, move on to step 2.
You will need a static IP Address to ensure that all further steps stay working, google this if you are not sure how to do it
You need to have the external IP address of your router(whatsmyip.org) or use Dynamic DNS to route traffic from an address to your ip and there are services that allow this. I can recommend no-ip.com - This is all assuming that you have access to the router.
You would be required to set up port forwarding on your router. This will direct the internet traffic to your computer. You will need to get the exact instructions for your specific model of router.
Please be aware that you need to have proper firewalls and systems in place to prevent attacks. I am sure that you are just testing at this point though...
All the best!
I installed usbwebserver
everthing is running, I am trying to reach the root page index.php?
I read everything I possibly can and sorry but I still cant figure out how to reach my localhost
I reach my page with localhost:8080 and the page I want shows up but if I replace it with IP:8080 it does not.
I am trying to reach this page outside of my local network.
I'm sorry, I need to provide you a separate answer for your reformatted question for the "down the street" scenario. I can troubleshoot a few of the issues you're probably having.
ISP's don't typically allow residential internet connections to serve resources over port 8080, or 80. Even if you were to configure your computer as needed, if you're on a standard internet service provider they're probably blocking you in the middle even if you have punched holes all your local security in an attempt to serve assets over port 8080/80.
Assuming they don't allow that you're going to have to first configure your outbound middleware(php in your case) to listen to calls into your ip on a different port. ( You can do this in your C:\WAMP\ folder, in the "wampserver" configuration file. Here's a good walkthrough here: (http://forum.wampserver.com/read.php?2,13744)
Now, you're going to have to drop any firewalls windows/ubuntu/macOS are providing on that port. (This is the part where you've rolled out the red carpet for hackers to get into your box(es) so be careful!) Here's a link for a short and sweet explanation on windows here: (http://yourbusiness.azcentral.com/turn-off-windows-firewall-19396.html) Note that you can open individual ports, you don't have to drop your entire firewall.
Make sure you have opened up access to any folders/mySQLdb's/resources to outside requests as well (seriously, this is a REALLY bad idea from an #home server if you don't know what you're doing)
Then figure out the correct ip and the correct port and give it a go! If it still doesn't work you can download a program like [wireshark] (https://www.wireshark.org/download.html) or [fiddler] (http://www.telerik.com/download/fiddler/fiddler2) to debug your inbound/outbound traffic and see what the machine's seeing before your browser/server gives you any user visible information.
One thing to note, if you are an amateur web developer your homepage is called "index.html" not "home.html" "home.html" only works fine locally, but internet browser engines look by default, for "index.html"
Lastly, and I really can't stress this enough don't host through your personal ISP and serve files from your own machine. Hosting through Fatcow, or hostgator, or any of the other hosts is really honestly dirt cheap and they know far better than you or I do about security.
That said, I hope very much that you succeed in using my answer, or at the very least learning something from it. Happy Coding!
http://www.canyouseeme.org/
--
Read the Background session
go to a command line, type "ipconfig"
Hit Enter.
Under "Ethernet adapter Ethernet:
It should be the third line down, has your following:
IPV4 Address : 192.168.1.xxx where "xxx" is your ip
address.
USE "//" + "the ip address shown for (ipv4)" plus ":8080" and your default page
should show just fine.
For example, if your cmd "ipconfig" for this process reads: "192.168.1.12"
your total URL in your browser will be "//192.168.1.12:8080"
Note that I used 2 forward slashes prior to using an IP address on your
local network. That let's your computer know it's using your network, not
the actual internet. The slashes alone may solve your problem. Also note, if you're accessing a database through your webapp, you will also need to properly configure your db settings to allow access.
First find your outside ip adress not local ip. After that go into router panel and open to use from apache server. Anyone able to access that port now. You can connect outside your local website now. If you can't do that. Try again. This is the way to doing this.
I've recently purchased a cloud server which has public IP and I am using it to host an xmpp server.
My first task was to ensure my users connected using my subdomain - as an example m.chat.com.
In my configuration I have the following:
%% Hostname
{hosts, ["m.chat.com"]}.
I then created an admin user with that domain.
In parrellel I have created the following DNS record with my host provider, hostgator for my subdomain m.chat.com
Name TTL Class Type Record
m.chat.com 14400 IN A [IP of the server]
One thing that puzzled me was my ability to access the ejabberd web admin console. This was achieved via: [IP of the server]:5280/admin however I could not access it via m.chat.com:5280/admin
That aside, inside the web console, under "Virtual Hosts" I could see the host "m.chat.com". I created a user "user#m.chat.com" and tried to connect via Adium.
Inside Adium, simply typing in user#m.chat.com with the password did not work. Instead I had to also specify the "Connect server" which in this case was the [IP of the server].
It has connected fine and I have registered other users to check everything is working and it is.
Then I thought I'd go back to the ejabberd configuration and start messing around. I changed the hostname to the following:
%% Hostname
{hosts, ["m.chat.com", "facebook.com"]}.
I registered a user with that domain and restarted ejabberd. Upon checking the web console, to my surprise, I could see the Virtual host "facebook.com". I tested this user in Adium with the [IP of the server] defined in the "Connect server" section and it connected fine. I asked other people with their own internet connections to use this account on their PCs and they were able to connect too.
Story over - my question to everyone is how is this possible? Am I missing something? Is there no domain authentication. After searching online, it seems you can even use fake domains.
If I am to operate my own service in the future (iOS chat app) I do not want anyone using my domain names with their own public servers.
Can someone shine some light.
Thanks!
Edit: A second question - Preferably I do not want to have to define the "Connect Server" upon using a client. I would like the client to recognise the #m.chat.com domain and establish a connection to the Servers IP automatically. Have I configured my DNS record correctly? For anyone else using Hostgator, is there an additional task I must do?
Edit: I can now access the web console via m.chat.com:5280/admin and I no longer have to specify the Connect server when using a client. I didnt do anything, I think it was a case of Hostgater updating the DNS or something, they say it usually takes 4 hours. However I am still slightly puzzled as to why I can create accounts with the facebook.com domain. I understand that because I can not access the DNS admin for this domain I can not create any records but that does not prevent me from using the domain and just specifying a Connect server.
Your initial problems (unable to access the server by using m.chat.com) were almost certainly DNS issues, and it seems you have isolated that down to the time taken to update the record.
Your second question - about the fact that you can name virtual hosts without restriction, is simple but interesting. What makes you think there should be any kind of restriction? It would be like you dictating that I can't save "m.chat.com" in a file on my disk, or that I can't send "m.chat.com" in a message across the internet.
This is why DNS exists and is structured the way it is. Although I can tell my server that it hosts facebook.com, nobody will connect to it because the DNS record for facebook.com does not point at my server (users generally don't set the "connect host" manually). Which begs the question... why would I want to tell my server it hosts facebook.com, and if I did, why should Facebook care?
An additional, but relevant, identity layer on top of DNS are certificates - which clients should validate for the virtual host name in spite of any "connect host" set. Since it's not possible to have a certificate for facebook.com, clients should generally pop up warnings or fail to connect at all. If they don't, they're probably not validating the certificate correctly.
I have a development server (Java servlet container) running on my computer inside my private network (IP range 192.168.0.0 to 192.168.255.255). This development server executes my integration testing environment. This testing environment has its own Facebook App ID. Having the server run in the 192.168.x.y range allows my colleagues to test the website, login to my local website with their Facebook accounts etc..
At https://developers.facebook.com -> in the Facebook Apps settings -> located under "Basic settings" -> in the "Website with Facebook Login" field, I have set http://192.168.2.106:8080, as this is the address-port combination that my development server binds to.
Due to DHCP, my computer now has a slightly different IP address, namely 192.168.2.109. Whenever I start up my server and then try to do anything Facebook-API related (e.g. Facebook Login), I get the following error message from Facebook
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException",
"code": 191
}
}
Is there a way to have a Facebook App allow a "range of IP address websites with Facebook Login"? What other solutions can you suggest?
My colleagues shall be able to also start up the development server on their own machines, with their own private network addresses. Therefore, the same Facebook App ID shall work on different machines with different IP addresses and still be accessible to everybody inside the private network.
Notice that setting "Website with Facebook Login" to localhost makes the development server only available to the same machine it is running on. This unfortunately prevents colleagues from accessing this development server instance.
Update
Filed bug: https://developers.facebook.com/bugs/606277079382609
If you could get away of using localhost, then there is a very simple way:
Make the facebook app redirect to http://lvh.me:3000/ (or whatever port your server is listening on localhost). A benevolent developer owns the lvh.me domain and had the DNS setup to point to localhost. I've tried this and that's what I used for development testing.
Similarly, you could do stuff like that and points a DNS record of a domain you own to a range of local ip. I am not familiar with DNS so I am not sure how to set it up or if it's possible.
If you're running on Windows you could try changing your hosts file in C:\Windows\System32\drivers\etc
and add your IP to an imaginary domain (your colleagues should do it too) and put that domain in Facebook Settings panel.
I'm not sure about this so tell me if it works :)
As far as i know you cannot setup an IP range in your application setting, the redirect_uri is typically meant to handle urls with domain names, which is usually the case with with public websites.
The best way to avoid this problem is to make sure you local development server has always gets the same IP, which is generally a good practice if you are writing a server.
there are several ways to do it depending on the network setup, here are two option:
Setup your DHCP server to always assign the same IP to your dev server MAC address
Bend the rules a little bit and setup your computer to claim an unused IP address. DHCP servers typically assign IPs in order (will start from 192.168.1.1 and work up to 192.168.254.254) so have your computer claim an IP in the higher part of the range (Ping the IP first to make sure it's not being used)
Instead of using an IP address, use localhost.
So hxxp://192.168.1.20 would become hxxp://localhost
(replace xx with tt)
This resolves back to the local machine, whatever its IP address is. I am assuming that your development server is running on your PC, using WAMP or something similar. I draw this assumption because you state that it must run on any laptop in any network environment.
If you own a domain you could create a subdomain test.mydomain.com pointing to 192.168.2.109.
When your address should change again, you can change the entry accordingly.
There is no reason why a DNS entry could not point to a IP address from the 192.168 range. For someone outside your network it will not be of much use, because he can't access your IP address from the outside, but for your co-workers within the network it will work.
If a coworker wants to run the web app on his own PC, he can of course override this setting using his own hosts file.