View Single Post
  #22  
Old 9th April 2013, 12:24
danhansen@denmark danhansen@denmark is offline
Senior Member
 
Join Date: Mar 2013
Posts: 249
Thanks: 53
Thanked 4 Times in 4 Posts
Exclamation /etc/hosts, listen *:80; & DMZ

Quote:
Originally Posted by markc View Post
It seems your problem is solved and you can now access your ubuntu servers default web pages from the outside world so my advice would not be necessary.

I use nginx and it's sites-enabled/100-mysite.vhost listen directive is "listen *:80;" so it's listening on my 127.0.0.1 and 192.168.xx.xx IPs by default. From the inside of my LAN I have no problem bringing up a page for the domainname associated with the EXTERNAL IP of my router, but I am using a DMZ from the router to my internal server.

What I did have a problem with is using this server as a DNS slave and for the life of me it would not transfer the /etc/bind/slave records and I think it finally worked after this tweak which means I may not have disabled apparmor on this Ubuntu raring server.
Code:
~ cat /etc/apparmor.d/local/usr.sbin.named
# Site-specific additions and overrides for usr.sbin.named.
# For more details, please see /etc/apparmor.d/local/README.

/etc/bind/slave/ lrw,

Hi Markc,

Thanks for that and yes it works now! But there is a couple of things that still would like to fix

1. As you write you have "...got no problem bringing up a page for the domainname associated with the EXTERNAL IP of my router"
But I still do and you gave me this advice earlier on: "...and on your linux desktop add "192.168.xx.xx yourdomainname.tld" to /etc/hosts to force your browser to go directly to the webserver on the LAN IP."
To this I ask: Do I have to do this for all my domains/websites that I want to go directly to? (myfirstdomain.tld, myseconddomain.tld, mythirddomain.tld etc.) And, do I have to make both "192.168.xx.xx myfirstdomain.tld" and "192.168.xx.xx www.myfirstdomain.tld" if I want to reach domains/websites with and without "www" in the browser - or is this "handled" in ISPconfig's "subdomain" function!?! Sorry for that!

2. Regarding: "...listen *:80;" so it's listening on my 127.0.0.1 and 192.168.xx.xx IPs by default..." and "...When you configure the webserver, tell it to listen on the INTERNAL LAN IP..." I am not sure if my system "ISPconfig3 Single Server System - Ubuntu Server 10.04" have anything listening on any ports default - I haven't seen this in any of the 3 files I posted. So I ask, do you think that there is this "listening on port 80" anywhere in this default setup? Or, do you think I need it now that the websites is working from the outside?
It's just that I don't know exactly how this controlpanel works, I haven't "activated" anything "virtual", but maybe there is several "virtual" functions that I just dont understand. Back in the days we used 1 public IPnumber per clients domain/website which we had the nameservers point at. Simple and easy. And he keeps on going! Sorry about that too.

3. Regarding the DMZ you told about, I to use the DMZ function now, after having my modem/router reset and knocked back into the stoneage. I thought about it after reading your post and decided that I too wanted to use this to function. There is all kind of security installed on the ISPconfig system and a firewall to be activated. Normally, and back in the days where I as an ISP used (with Microsoft IIS Servers" I had all servers on the public/unsecure side of a router. That was the way to do it then and this is the way to do it now, I se that. To have some security on my workdesktop which is also on this Internet connection, I configured another router (DLink DIR-655) to run DHCP on another subnet with full protection and everything. So from here on there is only "finetuning of the system" to do and some adapting too.

Thanks for everything - looking forward to hear from you.

Kind Regards,
Dan
Reply With Quote