Login  Sign Up
Logo
expose local web server

3 different ways to expose local web server

In this article, I will write about techniques of how to expose local web server to the world and access it through the internet. Small spoiler – of course, there are many possible ways to achieve this goal will be discussed in this article, however, I will focus on mainly Tunnel In’s approach, since this method is easy, secure & flexible!

Whether you are a developer who is coding the next successful web platform, or you are a smart home enthusiast who automated home using great products such as Home Assistant, OpenHab or Node-RED, you’ll definitely like to present or control these applications over the internet. Let’s go and dig into more details:

 

Port Forwarding

This method is widely spread among beginners. It is all about configuring the router to forward the external IP address port to your local machine’s IP address and web server’s port. Sometimes some people event configuring DMZ (demilitarized zone) and putting the server in this zone to be able to access it from outside of the local network. What is wrong with this method?

port forwarding

First of all, it is problematic to describe and write “how-to” on this topic, since every router has its own UI where you should configure the port forwarding, however, in most cases, it is pretty easy to achieve it.

Nowadays all Internet Service Providers rotating residential IP addresses. So you are not guaranteed that after an hour you left the home and try to open your IP address from somewhere else it will be your router’s external IP address. Yes this situation also has a solution – you can start some script or program which will periodically send your IP address to some service (Dynamic DNS) where you can learn your IP address or for convenience, such services provide you a URL which points/resolves to your IP address. 

The problem with this URL is DNS record caching – when you open your URL for a first-time, browser asks OS, OS asks DNS resolver and so on until every node in this chain knows about your IP address. The issue is they are caching this information and the situation when your IP address has been changed however your URL pointing to your previous IP address may occur. Sometimes even some ISPs are violating the rules and are caching records for 24 hours or more without taking into account TTL (time to live) value of the record.

The situation is getting worse in the case when your ISP does not assign your router a real IP address – so-called Double NAT scenario. It makes it impossible to host services!

Another sort of issue is arising when you want to configure port forwarding when you are outside of your local network.

We can continue this list very long, however, I think it is enough. The last thing I want to add to this list is the lack of a firewall, so you should implement additional mechanisms to protect your resource.

 

VPN

Virtual Private Networks is another monster technology that allows “exposing” your local web server. To be correct it is not exposing anything, instead, it is creating a virtual network and placing 2 or more computers into that network. Thus these computers can access “directly” one to each other. This method is secure (yes there are some versions that are deprecated and not recommended to be used, even operation systems dropping the support and refusing to connect to such networks).

VPN schema

Despite solid security, VPNs provide it is quite complicated to setup and not convenient to maintain. Imagine a situation you want to share your local development with your colleagues, so you have to have a VPN server somewhere in a cloud than you should setup some client which will make your computer to be “always online” on VPN network i.e. it should automatically reconnect to VPN once connection dropped, etc. Even this is not a full story, you should ask your colleague to configure and connect to the same network to be able to access your machine – which is really complicated. Moreover, it is hard to allow someone to connect to your network and meantime restrict access to only one IP address and port of your machine i.e. you should really trust a person to welcome this person on your private network. Even if you choose this complicated path to share your local web server with someone you are not solving the problem completely – you don’t have a single URL to expose your local web server. What if you want to share your test version to the whole globe?

 

Tunnel In method to expose local web server

Tunnel In combined best from both worlds and even more. As a result with a single click Tunnel In will provide a mechanism to on-demand start a tunnel that exposes your local web server meantime, your web server is directly not accessible and protected by a firewall. 

The great thing about Tunnel In – it is not required to have technical skills to setup and configure your tunnels, moreover out of the box you are getting security and flexibility.

tunnel in schema

It is very easy to setup and use Tunnel In:

 

1. Create a FREE Account 

2. Setup Tunnel In agent on your machine

3. Get access to your machine from Tunnel In’s web portal

4. Configure tunnel to expose local web server 

5. Start and stop the tunnel whenever you want via a single click

 

Beside exposing local web server with Tunnel In you can expose almost all web services running on your machine such as RDP, VNC, SSH even you can expose your database, IP camera stream, proxy, etc.

 

In terms of security Tunnel In has a military class of security i.e. it uses end-to-end encrypted tunnels to forward your traffic as well as it has an easily configurable firewall, so you can list IP addresses to whom you want to allow to see your services. In addition, Tunnel In’s firewall support dynamic mechanism to detect your IP address, so you can be guaranteed that every time you start a tunnel it allows only you to see this traffic. As well as you can configure the firewall of Tunnel In to limit connection initialization time and limit connection count i.e. it will drop allow maximum 6 connection in every 30 seconds interval.

 

For enterprise use Tunnel In suggesting its package delivery mechanism to your machines and ability to perform real-time actions on your machines remotely. It provides an API to integrate with your services, so you can omit the development of a big portion of the product and rely on Tunnel In’s capabilities. It can monitor your devices, can update your software periodically, can schedule and perform actions remotely, and many more.

Tags:
Tunnel In

Leave a Comment

About This Site

This is Tunnel In blog where we are writing about our service capabilities, how-tos, and about similar technologies.

 

Find Us

Address
16 Mashtots avenue,
Yerevan, Armenia

Email
[email protected]

Mobile
+(374) 95-08-99-80

 

We are using Tunnel In for managing tons of EDGE network servers. It is great to have such a tool and from one console to monitor and manage all our servers.

Vahe Shadunts

CEO | WebMarlin

Relying on Tunnel In's enterprise solutions, we were able to develop our context-aware digital signage platform in a very short amount of time.

Vahan Simonyan

CEO | MonitorSync