Azu Posted June 19, 2007 Share Posted June 19, 2007 With some services like no-ip you can get a domain name and have it so all ports are redirected to a certain port. Can somebody please tell me a way I can do this with a single port? So that the domain name works normal unless someone tries to connect with a certain port (80) then I would like it to redirect to a different port. But only redirect this one port instead of all of them? I want to do this so that I can have my firewall block port 80 so port scanners won't find open ports if they scan my IP, but if someone types in my domain into their browser it will work without them having to type :PORT after it. Cause basically right now if I change my webserver to use a different port people will have to type :port after the URL. I want to fix it so they don't have to, but without having port 80 open on my computer. Quote Link to comment Share on other sites More sharing options...
steviewdr Posted June 19, 2007 Share Posted June 19, 2007 Im afraid I dont think that can easily be done. A webserver normally runs on port 80. Web Browsers normally go to either 80 (http://www.site.com) or 443 (https://www.site.com). Any other port number has to be typed in directly (as you said). Even if you got your firewall (iptables) to redirect port 80 to port 8001 (for example), it would still be picked up on a port scanner. Typically - before someone does a port scan on your computer/server, they do a simple ping. What a lot of servers/companies do as a result, are to block IMCP (ping). This ususally stops most automated port scanners from discovering a host and its ports. Also - apache is very secure. There shouldnt be any major need to worry. -steve Quote Link to comment Share on other sites More sharing options...
Azu Posted June 23, 2007 Author Share Posted June 23, 2007 I'm just worried about worms and such that scan common ports to see if a computer is alive or not. Currently port 80 is the only common port that I have open, and I would really like a way to have it stealthed without blocking out people trying to legitmately use my site. If there isn't a way to have it on another port, is there a way to make it so it will only accept valid connections? Like have it drop the packet if there is no valid request header or something like that? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.