I am hosting a LAMP (Linux/Apached/MySQL/PHP) based wordpress site from my home office (VirtualBox based).
To support the LAMP installation. I use a service provided by noip.com called “Plus Managed DNS”. noip.com supports all my DNS needs and a domain is registered thru them for my wordpress site. noip.com also supplies DDNS for me as my ISP does not support fixed IP addresses for residential accounts.
The ISP I use is Cox. Cox Cable blocks inbound traffic on port 80 and others as follows. Here are SOME of the ports Cox blocks.
| Port | Transport | Protocol | Direction | Reason for Filtering |
|---|---|---|---|---|
| 25 | TCP | SMTP | Both Note: SMTP is only permitted outbound to Cox-provided SMTP servers. |
SMTP Relays |
| 80 | TCP | HTTP | Inbound | Web servers, worms |
| 135 | UDP | NetBios | Both | Net Send Spam / Pop-ups, Worms |
| 136-139 | UDP, TCP | NetBios | Both | Worms, Network Neighborhood |
| 143 | TCP | IMAP | Inbound | Without Transport Layer Security (TLS) enabled, customers are more susceptible to having their passwords compromised |
| 445 | TCP | MS-DS/ NetBios | Both | Worms, Network Neighborhood |
| 1433 | TCP | MS-SQL | Inbound | Worms, Trojans |
| 1434 | UDP | MS-SQL | Inbound | Worms, SQLslammer |
| 1900 | UDP | MS-DS / NetBios | Both | Worms, Network Neighborhood |
Fortunately, noip.com provides a relatively simple work around to this which I call a “port redirect”. The port redirect is implemented in two major steps. Note: this post assumes that DDNS is setup with some like noip and configured properly in your router.
- Add a “port forward” within your router.
- Add a “port redirect” with noip.
For the “port forward” I use a netgear router with Netgear Genie web based interface. Here are the steps to setup the port forward.
First I add an entry as follows for forwards external inbound traffic on port 8087 to 80 – as my webserver works on 80 (I know I could change that).
The second step involves setting up the port redirect with your DDNS / DNS Manager. I provide a text description of how that is done with noip.com.
At noip.com login then, pick the menu item “Host / Redirect” and select “modify” on the host name you want to modify… then your setup will look something like this. In this case I’m doing a port 80 redirect to 8087 as follows:
Now it’s just a matter of waiting until the DNS change propagates which should not take long. I use tools like the following to make sure that has been done right.
nslookup
http://www.portchecktool.com/
Now, I should add that – there is a problem with this approach – the redirect is not working properly and standard support is only open Monday thru Friday at noip.com. So, I’ll update this post later with the problem/solution as it is Saturday.
While I still have a problem, I do have an update. I incorrectly assumed that “nslookup host.mydomain” would be updated with my IP – it is not – it is updated with noip.com’s redirect server which is (at the time of this writing):
[root@ip-172-31-23-46 html]# nslookup www.xxxxx.net Server: 172.31.0.2 Address: 172.31.0.2#53 Non-authoritative answer: Name: www.thindb.net Address: 34.198.182.201
Again, I still have an open issue which is likely related to issues on my side of my router… updates to come…