# My Apache Webserver is publicly accessible only from certain IP addresses



## getwhatUwant (Aug 5, 2005)

My Apache Webserver is publicly accessible only from certain IP addresses

I am hosting through optimum online and it seems as if only users with optimum online IP addresses can see my website on their computers. The site is being hosted through a port other than the standard port 80. the website is: getwhatUwant.com

Can anyone give me an idea of why this may be happening? I can access my website from my own computer, and anyone (seemingly) with optimum online can also access my website. Most people who do not have optimum online can not see my website on their computers. When I try to connect to my webserver from my own computer through an anonymous proxy (obtained from proxy4free.com), I am unable to see my website on my own computer! 

WEBSERVER IP ADDRESS: 24.187.119.190:65254

APACHE 2.05
SUN ONE ASP 4.0.0.2
PHP 5
MYSQL 5.1
FREE DNS SERVICE PROVIDED BY SITELUTIONS.COM

THe computer is connected directly to the internet and is part of a windows xp home network in which all computers are connected by a HUB (not a router). 

If someone can help me out here, I will very greatly appreciate it. I spent so much time developing my website only to find that it is not accessible to anyone who does not use optimum online as their ISP. Please let me know how i can fix this problem and give me some hints as to what may be causing it. THanks


----------



## brendandonhu (Jul 8, 2002)

Seems like Apache isn't set up correctly.
Its offering index.htm as a download instead of serving it as a web page.
Also- if you updated your DNS within the last few days, it might take some time before the change propogates to all ISPs.


----------



## getwhatUwant (Aug 5, 2005)

Can you help me set it up correctly? I know the website works great on my computer and on any computer that connects to the internet through optimum online. Would having apache set up to serve index.htm as a download result in the website working for some IPs and not for others? Thanks


----------



## brendandonhu (Jul 8, 2002)

The mime type for .htm files is set to application/x-httpd-php
Its causing the site to offer index.htm as a download instead of a website

Is there PHP code in the file index.htm?


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> The mime type for .htm files is set to application/x-httpd-php
> Its causing the site to offer index.htm as a download instead of a website
> 
> Is there PHP code in the file index.htm?


No there is no PHP code in teh index.htm file. I removed the htm and html extensions from the application/x-httpd-php line of code. I read somewhere on the internet that it is okay to remove the word "application" as well. Is that correct? The site seems to work whether or not i remove the word "applcation" So is it okay if i just have x-httpd-php ?

Now, you helped me solve one problem (now my index.htm file is actually being loaded rather than downloaded). Thank you so much!

However, there is the original problem I had of people who don't use OPTIMUM ONLINE not being able to connect to my website. I still can not connect to my website using a proxy (proxy gotten from proxy4free.com). Can you please help me fix this problem? This is really troubling me because I've spent so much time developing my website only to find out that it is not accessible to most computers in the world. If you can help, I will greatly appreciate it. If you want, I can send you my apache httpd file and any other files you may need to help me. Thank you so much


----------



## brendandonhu (Jul 8, 2002)

How long ago did you update the nameservers for the domain?
If it was within the last few days, it might take a little bit more time.


----------



## getwhatUwant (Aug 5, 2005)

I believe the problem is not with the nameservers because when i try to connect to my website through a proxy, i can see in the status bar the proper redirection being done from www.getwhatuwant.com to www2.getwhatuwant.com.

I haven't updated my nameservers in months.

Any other ideas on what could possibly be causing this problem? My home network is connected with a hub as opposed to a router but the computer that hosts my website is connected directly to the internet. My ISP blocks port 80 to discourage webserving so I serve my site through port 65254. Any help will be very greatly appreciated. Thanks for thinking about this problem for me!


----------



## brendandonhu (Jul 8, 2002)

Hmm, it works for me (on Comcast)
Can you have someone that can't connect to it do a 
tracert getwhatuwant.com
And post the results


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> Hmm, it works for me (on Comcast)
> Can you have someone that can't connect to it do a
> tracert getwhatuwant.com
> And post the results


Is it possible for you to attempt to connect to the website through a proxy server? You can try this proxy: 64.8.131.194 port 80

Can you then do a traceroute through that proxy? I will appreciate that.

Thanks


----------



## getwhatUwant (Aug 5, 2005)

I used a proxy and then did a traceroute at network-tools.com. Here is the output:

1 0 0 0 66.98.244.1 gphou-66-98-244-1.ev1.net 
2 0 0 0 66.98.241.4 gphou-66-98-241-4.ev1.net 
3 0 0 0 66.98.240.6 gphou-66-98-240-6.ev1.net 
4 1 1 1 129.250.10.229 ge-2-1-0.r02.hstntx01.us.bb.verio.net 
5 8 9 9 129.250.5.40 p16-1-0-1.r20.dllstx09.us.bb.verio.net 
6 9 9 9 129.250.2.185 p16-3-0-0.r01.dllstx09.us.bb.verio.net 
7 9 9 9 4.68.127.45 so-2-3-1.edge1.dallas1.level3.net 
8 9 10 9 4.68.96.121 so-7-0-0.bbr2.dallas1.level3.net 
9 42 82 42 4.68.128.201 as-1-0.bbr1.washington1.level3.net 
10 42 42 42 4.68.121.16 ae-13-51.car3.washington1.level3.net 
11 42 42 42 4.79.18.82 - 
12 42 42 42 66.117.40.21 -


----------



## brendandonhu (Jul 8, 2002)

I was able to access the site just fine through the proxy you posted. However, a traceroute from network-tools.com doesn't go through your proxy. You'd have to have someone connected through an ISP that can't access your site to a tracert from their command line to see where the connection is getting dropped.

Its quite possible that their ISP doesn't allow traffic on that odd port number, or that your ISP is blocking that traffic from some hosts.


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> I was able to access the site just fine through the proxy you posted. However, a traceroute from network-tools.com doesn't go through your proxy. You'd have to have someone connected through an ISP that can't access your site to a tracert from their command line to see where the connection is getting dropped.
> 
> Its quite possible that their ISP doesn't allow traffic on that odd port number, or that your ISP is blocking that traffic from some hosts.


That's weird. Why can't I access my website through that proxy I gave you yet you can? Do ISPs really block access on "odd" port numbers? I wasn't aware of that. Why would my ISP block traffic from some hosts? I can't understand why everyone in the world wouldn't be able to connect to my website. Do you think it is most likely the port number I used: 65254? What else could it be? Thanks


----------



## brendandonhu (Jul 8, 2002)

Your ISP might block access from Proxies, that's a pretty common thing to do.
Many ISPs block traffic by port number as well.
Does your ISP allow you to run a server?


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> Your ISP might block access from Proxies, that's a pretty common thing to do.
> Many ISPs block traffic by port number as well.
> Does your ISP allow you to run a server?


If my ISP blocks access from proxies, how were you able to connect to my website through the proxy I gave you? Since you were able to connect to my website through a proxy, I don't think my ISP blocks access from proxies.

I know for a fact that my ISP blocks traffic through port 80. But I thought that choosing a not-often used port could circumvent this. If my ISP blocked port 65254, why would i be able to connect to my website from my own computer and why would all of my relatives, who also use Optimum Online, be able to connect to my website from their computers?

My ISP discourages webserving through their IP addresses.

Any other ideas that come to mind would be welcome. Thanks


----------



## brendandonhu (Jul 8, 2002)

Still need a traceroute from a computer that connect to find out where the connection is getting dropped. Othewise we won't know if they're being disconnected by their ISP, your ISP, your server, etc.

As well, your ISP doesn't allow you to run Apache, or point a domain name to your computer, and they can terminate your account for doing this.


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> Still need a traceroute from a computer that connect to find out where the connection is getting dropped. Othewise we won't know if they're being disconnected by their ISP, your ISP, your server, etc.
> 
> As well, your ISP doesn't allow you to run Apache, or point a domain name to your computer, and they can terminate your account for doing this.


My ISP discourages users from running web servers; that's why they block port 80. If they wanted to, they could block serving from all ports but they choose not to do so

I will get someone to tracert from their computer. Thanks again


----------



## brendandonhu (Jul 8, 2002)

It's not just discouraged, their Terms of Service say that you are not allowed to do what you're doing. Hope you don't get caught.


----------



## getwhatUwant (Aug 5, 2005)

brendandonhu said:


> It's not just discouraged, their Terms of Service say that you are not allowed to do what you're doing. Hope you don't get caught.


The terms of service applies only to residential subscribers not business class subscribers. Thanks for your concern though.


----------



## brendandonhu (Jul 8, 2002)

Ah, got it 
Pretty stupid that they block Port 80 if you're allowed to use a server though.


----------



## getwhatUwant (Aug 5, 2005)

If you want, they will set up your web server for you for a large fee (I guess the definition of "large" depends on who you are talking to). It's ridiculous. I think they make it intentionally difficult to set up web servers so they can set them up for people. I'm happy i got mine running but now i see it doesn't run on all PCs.... Will they offer me support? of course they will.....for a fee...lol


----------



## dvk01 (Dec 14, 2002)

Many ISP's discourage or forbid you to run a webserver on a dsl line and that is why they block the standard ports that webservers run on 

They do this to protect other users on the same dsl node or connection and they do share dsl connections

When you pay them or any other host to host your server they put them on a much wider bandwith connection to prevent "normal" subscribers being affected by your unsuitable use of their services

I resally don't think that we should offer any further advice to you on what might be seen as a way of getting round your ISP's restrictions

I would suggest you ask them about it


----------



## dvk01 (Dec 14, 2002)

But it does connect up for me so it is likely to be an issue with the wider DNS servers NOT having had the latest DNS information about your site via the sitesolutions dns servers


----------



## getwhatUwant (Aug 5, 2005)

dvk01 said:


> Many ISP's discourage or forbid you to run a webserver on a dsl line and that is why they block the standard ports that webservers run on
> 
> They do this to protect other users on the same dsl node or connection and they do share dsl connections
> 
> ...


Well, you haven't offered me any advice at all anyways, dvk01. I was happy to receive advice from techguy.org but your comments have made me feel generally unimpressed with techguy.org. When I think about it , you guys couldn't even help me with this little problem I haave. I still have the same problem I had initially! Not helping for moral reasons and not helping because you don't know how are two separate things. It is clear that you guys don't know how and those who don't know how can't help. I do appreciate you guys "trying" but apparently, that wasn't good enough. You create a moral dilemma where one does not exist! Stupid!! You seem to have looked over the fact that I have a business class account at Optimum Online. So I am permitted to run a web server but have decided to set it up myself rather than pay them to set it up for me.

I mean, I look at the advice dvk01 left me and I can' t help but to laugh:

"...is likely to be an issue with the wider DNS servers NOT having had the latest DNS information about your site via the sitesolutions dns servers..."

This, I know for a fact, IS NOT THE PROBLEM since those who cannot connect to my website see the proper redirection taking place in the status bar of internet explorer. This was clearly stated in one of my other posts. How unhelpful that comment was is unfathomable. Thanks for nothing dvk01! Maybe you should do some research before you make comments as you clearly are not knowledgeable enough on your own to offer any worthwhile and helpful considerations.


----------



## JohnWill (Oct 19, 2002)

You're right, we're clearly unworthy of your time, so I suggest you take this problem elsewhere. BTW, that qualifies as advice, even though you might not like it.


----------



## getwhatUwant (Aug 5, 2005)

JohnWill said:


> You're right, we're clearly unworthy of your time, so I suggest you take this problem elsewhere. BTW, that qualifies as advice, even though you might not like it.


That's the best advice I've gotten so far. Thanks SO MUCH. Wish I'd have been give that advice earlier.


----------



## southernlady (May 6, 2004)

> Many ISP's discourage or forbid you to run a webserver on a dsl line and that is why they block the standard ports that webservers run on
> 
> They do this to protect other users on the same dsl node or connection and they do share dsl connections
> 
> ...


I am ALSO running a business dsl line and am allowed to use port 80 on mine so what this gentleman is asking is a perfectly legal question.

I pay WAY more than what the average user pays for DSL but that is because I AM a business subscriber, I get STATIC IP's out of mine and YOU know me from WAY back.

He is not scamming his ISP cause I am asking for the same help in another thread, dvk01 and Johnwill. See this one: http://forums.techguy.org/t387813.html

And Techguy and Candy both know I'm running my own server, I've mentioned it in PM's to them.

So don't jump to conclusions so quickly. People around here tend to do that some times. Liz


----------



## getwhatUwant (Aug 5, 2005)

southernlady said:


> I am ALSO running a business dsl line and am allowed to use port 80 on mine so what this gentleman is asking is a perfectly legal question.
> 
> I pay WAY more than what the average user pays for DSL but that is because I AM a business subscriber, I get STATIC IP's out of mine and YOU know me from WAY back.
> 
> ...


Thank you sir, I appreciate it.


----------



## southernlady (May 6, 2004)

> Thank you sir


Actually, that's ma'am but I'll let it go  Liz


----------



## tdi_veedub (Jan 29, 2004)

I can understand not helping someone with something that is illigal. But people who decide to run servers on their personal Internet account are not doing anything illigal. They may be breaking their terms of service agreement with their provider, but that is not illigal and it's not anyone's business to decide what their morals should be. If one doesn't want to provide help because it is against their moral values that is fine, but they need not reply(that is what the civ. debate section is for). If it's a technical question, and it's not illigal, and someone can offer help then great, but things shouldn't turn into a slugfest.


----------



## southernlady (May 6, 2004)

But running a BUSINESS class server out of your home is NOT breaking your TOS with your provider. I am running a business class server out of my home on a BUSINESS LINE. It's called the Pro S plan by SBC Small Business and is listed here: Pro S Plan It is perfectly LEGAL. Liz


----------



## getwhatUwant (Aug 5, 2005)

Rather than admit that they can't help me with my problem (i.e. their tech skills are deficient), they'd rather use the "moral grounds" argument to hide incompetency. That's the way I see it anyways!

sorry Liz about assuming you were a male. Not many techie girls out there......or at least, not many that I know...


----------



## dvk01 (Dec 14, 2002)

southernlady said:


> But running a BUSINESS class server out of your home is NOT breaking your TOS with your provider. I am running a business class server out of my home on a BUSINESS LINE. It's called the Pro S plan by SBC Small Business and is listed here: Pro S Plan It is perfectly LEGAL. Liz


Liz

runnning a business line server may well be OK with his ISP BUT he has stated that port 80 is blocked by his ISP

You are using a different ISP from him and all I can find on his ISP's T&C's is NO webservers on a domestic line and no references to premium or commercial services at all

The only reason that the ISP block port 80 is to stop servers being run

There is no legitimate around that so if he is paying for the service that allows a web server to be run on it he should do as I suggested and contact the ISP and ask for their help

His ISP prohibits servers on domestic lines and it is entirely possible that they are charging him commercial prices but giving him a domestic service

I will not attempt to tell anyone how to get past restrictions put in place by an ISP to prevent possible abuse of the service

It is not a moral issuer but a legal one where if he is doing something the ISP prohibits then they will cut him off and I don't know about teh US but that sort of thing is cobverded by the computer misuse Act in the UK & Europe wher it is classed on the same levels as hacking or interfering with an ISP service so is heavily punishable and I do not intend to go down that path

He refuses to ask therm as he says that it will cost, well if they charge to remove the port 80 block so what.He will have to pay it. He will not be able to run a server successfully without it

And I still stand by my first incliniation that it's a DNS issue as originially I couldn't connect either but the next day I could so it's very likely that others would have found the same


----------



## dvk01 (Dec 14, 2002)

On a slightly diffeent technical note what many ISP's do to prevent servers being used is to limit the upstream from your computer to their network 

I cannot run a server properly on my dsl connection as I have 3mb download but only 256kb upload so effectively making any server useless 

If I want to be able to run the server I have to pay the extortionate increased charges for 3mb both ways and it works out cheaper to host a server remotely with ahosting company than do that


----------

