Help opening ports on home network to host webserver

ebparadise

Hi everybody, I'm new here and I did introduce myself earlier so feel free to take a look at my post at Introductions.

I've been studying networking and I like applying my knowledge as much as I can to get the best experience but I'm currently just a bit stuck about ports and port forwarding.

They say 'be careful opening your ports, if you don't know what you're doing you can compromise your network!' etc.

But my goal is this; host an apache2 webserver on my Linux laptop or my RPi 3 B+.

This is not difficult, I am able to access the web server from within my LAN. But if I want to be able to access it remotely I need to forward a port from my router to the host of the server. How do I do this securely, as a beginner? What actual risks are there to opening ports just by setting up port forwarding and nothing else? How do I do the same if I want to remotely SSH into my machine at home?

Really appreciate your answers, thank you.

mikey88

ebparadise said:

They say 'be careful opening your ports, if you don't know what you're doing you can compromise your network!' etc.

You can always place the public facing server in a dmz to isolate it from the rest of the network. But most home networks are like a few PCs and a printer. Not in the same exposure level as a business.

Take a look at this website: https://portforward.com/router.htm It'll give you step by step instructions on how to do it based on your router model.

You'll also want to make sure you have a static IP that does not change or may need to look into a dns service like DynDNS. You can also configure your web server to listen on a random port other than :80 Security through obscurity as they call it.