Hosting a server from home requires a few key settings for functionality and security. Here are my recommendations for setting up port forwarding, IP allocation, and other network configurations to secure your server.
Port Forwarding
Port forwarding directs external traffic to your server. Here’s a sample configuration for common ports:
| External Port | Internal IP Address | Internal Port | Protocol | Label |
|---|---|---|---|---|
| 80 (HTTP) | {local-ip} | 80 | TCP | HTTP |
| 443 (HTTPS) | {local-ip} | 443 | TCP | HTTPS |
| {ssh-port} (SSH) | {local-ip} | {ssh-port} | TCP | SSH Access |
- External Port: Accessible from outside your network (e.g.,
80for HTTP). - Internal IP Address: The static IP address of your server within your network (configured in Static IP Allocation).
- Internal Port: Port your server listens on, usually matching the External Port for simplicity.
Tip: Avoid exposing default SSH port (22) directly; choose a custom SSH port to reduce vulnerability to automated scans.
Check Allowed DHCP IP Range
Some ISPs reserve certain IP ranges for their devices. Ensure your server’s IP is within an allowed range.
Example:
| LAN Config | Value |
|---|---|
| DHCP Allowed IP Range | xxx.xx.x.10 - xxx.xx.x.19 |
| DHCP Reserved (Premium) IPs | xxx.xx.x.20 - xxx.xx.x.29 |
In this example, choose an IP in the range xxx.xx.x.10 - xxx.xx.x.19 for your server.
Static IP Allocation
Assigning a static IP to your server keeps it reachable at a consistent address, essential for reliable port forwarding.
Example:
| MAC Address | Allocated IP | Label |
|---|---|---|
| AA:BB:CC:DD:EE:FF | xxx.xx.x.xx | Home Server |
- MAC Address: Unique ID of your server’s network interface.
- Allocated IP: Static IP within your allowed range.