How to get a host name for my web server - dns

I have set up an ubuntu server on my local network. I have set up port forwarding on my router so that my tomcat application server that I have running on my ubuntu server can be publicly accessed at:
http://<my router's IP>:8080/
Is there a free way to create a domain name so that my app server will be publicly available at something like http://example.com, rather than http://<IP>:8080?

You can use a CDN service (like CloudFlare, which has a free tier) to reverse-proxy from a domain name of your choosing to your server. There are some limitations but if you aren't doing a lot of live updating or have interactive pages this might be a good route.
Other than that, a redirection service (that would turn your http://example.com into something like http://website.example.com:8080 after the first hit) or a custom reverse proxy (like HAProxy on a $5/month AWS t2.nano instance) might be a non-free option.

Related

proxying outgoing traffic from local network

i have the following case: i've had an app hosted on some cloud hoster's server and it's own domain, now i've migrated from cloud to selfhosted and what i want to do is to redirect all users in my local network from the old domain to the new one i.e. when a user tipes previous url into it's browser it opens new urk. The main problem is that i can't influence on the old domain, but can configure my local proxy server apache.
There are 2 ways to achieve that:
The simplest way is to edit the hosts file on your local network computers (on windows you can find it in c:\Windows\System32\Drivers\etc\hosts (or /etc/hosts on Linux) and add the entry for your olddomain internalserverip like "IP_ADDRESS DOMAIN_NAME www.DOMAIN_NAME".
You will need to create a bind server on your local network to answers the local queries and configure the zone for your old domain like you would when the domain was hosted on cloud, you just need to put your internal server IP in the A entries.
In both situations if your web server is configured with only the new vhost entry , you will need to configure it with the old vhost (if there is no vhost configure you will not need to do anything)

How to setup external & internal dns that have an external & internal destination using IIS / Windows Server / Application Proxy

Short question:
How to setup a local and external dns that have an external destination and a internal destination.
Technologie used:
Websites are hosted in IIS
Local DNS is in Windows server
External DNS via CPanel
using Azure Application proxy for the bridge external to internal
Explanation:
I've made a schema, see image.
entrepriseName.com: website hosted externally somewhere by somebody.
site1.entrepriseName.com :
Contains some basic webpages. Which are referenced by https://entrepriseName.com. With html .
url site1.entrepriseName.com is not existing yet, and its hosted under https://site1-entrepriseName.msappproxy.net
site2.entrepriseName.com :
Availaible ONLY locally / vpn. With https.
url site2.entrepriseName.com is not existing yet. currently hosted on https://site2.entrepriseName.local, but https is complaining.
And its not clean, should be under site2.entrepriseName.com
https://site1-entrepriseName.msappproxy.net should in reality be https://site1.entrepriseName.com.
Assuming I added a custom domain name in azure and configure the app proxy correctly. The next step would be to add some sort of dns...
When I tried to add a foward lookup zone "entrepriseName.com" in the LOCAL dns.
Our external website "entrepriseName.com" didn't work locally, as everything with entrepriseName.com (which is normal, after tought haha...)
Actual Question
So how respect make sure that these 3 conditons are met:
Internal request route to site1.entrepriseName.com but is also accesible externally (with AAD app proxy connector)
Internal request an also route to site2.entrepriseName.com (only avalaible locally).
Lets say that site1 load a script like <script src="js/potato.js"></script>
Since https://entrepriseName.com have reference to site1 with iframe.
Will entrepriseName.com attempt to load the realtive script js/potato.js?
Obviously we want to prevent this from happening.
Internal request route to site1.entrepriseName.com but is also accesible externally (with AAD app proxy connector)
• Since, the domain ‘enterprise.com’ is owned by your organization and thus has an internal AD DNS server setup for it, for the ‘site1.enterprisename.com’, you will have to create an ‘A’ host record in the internal DNS server for the requests to the application ‘site1.enterprisename.com’ to be redirected to internally as well as similarly, ‘A’ DNS host record also need to be created in the public DNS server where ‘enterprisename.com’ domain is registered so that any external (over the internet) requests are routed correctly to the externally facing application homepage. Also, you need to configure conditional forwarding to the public IP address of the domain hosted on the public DNS server in the internal DNS server of your domain environment for any internal requests to redirect to the publicly hosted DNS records and through it, to the application.
• Also, since the AAD application proxy connector is a syncing and request forwarding software to be installed on the member server that syncs the database of the application in Azure as well as that running on-premises and forwards the requests directed to Azure through it, a wildcard certificate with the CN ‘.enterprisename.com’ or a SSL HTTPS certificate with the CN ‘site1.enterprisename.com’ where ‘site1’ is the name of the application hosted with this subdomain should be installed on the server* running the application in on-premises environment and on the member server where the app proxy connector is installed in the personal certificate store of the server. In this way, you can configure the application ‘site1.enterprisename.com’ to be accessed internally as well as externally.
Note: - The member server where the app proxy connector is installed should be dedicatedly a part of the application farm itself so that the certificate installed on it authorizes and identifies the application server as valid.
Internal request an also route to site2.entrepriseName.com (only avalaible locally).
• To configure the internal request route to ‘site2.enterprisename.com’ available only locally, you will need to create an ‘A’ host DNS record in the internal DNS server for it and remove the conditional forwarding configured in the internal DNS server for the externally (over the internet) available website of the application. Also, remove the ‘A’ host record for the ‘site2.enterprisename.com’ if created in the public DNS server for the ‘over the internet’ routing and redirection to disable completely. This will ensure that the application ‘site2’ is available only in the intranet locally. Also, note that, if you want to manage multiple types of DNS records for a subdomain in the internal server, then you can create a DNS zone with the FQDN of the subdomain (application) in the internal DNS server.
Note: - You may want to edit and configure the ‘hosts’ file on the server hosting the ‘site2’ application as well as the ‘site1’ application to include the application (subdomain) FQDN so that the server responds to network requests for the application hosted on it along with individual hostname records.
Will entrepriseName.com attempt to load the realtive script js/potato.js? Obviously we want to prevent this from happening.
• If the ‘potato.js’ script is configured to load when the ‘https://enterprisename.com’ website is requested, then that script will surely load up but if the reference ‘site1’ is with ‘iFrame’, when referencing to the site address, then the ‘site1’ referencing to the FQDN of the ‘site1’ have to be removed from the website code during initializing and startup and replaced with that of the website itself, i.e., ‘https://enterprisename.com’.

Hosting web application on Amazon AWS EC2

I am developing a web application locally. However, I would like to host the final product on an Amazon EC2 instance. I have moved my web application to the EC2 instance and am able to run the application; it's now listening on port 8081.
What I don't understand is how to allow users on the internet to access the web application running on port 8081 of the EC2 instance. I have tried redirecting the domain name to the IP address of the EC2 instance on the NameCheap DNS (where we bought the domain) to no avail. I suspect one of the things I need to do is set the permissions of the EC2 permission group but what should I set it to?
Help is greatly appreciated!
Thanks!
You can setup a nginx server to proxy all request to the port 8081.
Read more information here: https://doesnotscale.com/deploying-node-js-with-pm2-and-nginx/
Generally speaking, for a public web application you will want to run on a standard port (e.g. 80 or 443). You could do that by just running your node app as a privileged user (required by most OS's to expose 80 or 443), but generally it's better to have a web server in front pass the traffic, treating your node app as an upstream server (even if it's on localhost). NGinX is a good choice for this.
Regardless of what port you want to run it on, you'll need to update your EC2 security policy for that instance to allow traffic on that port (80, 443, 8081, whatever). You'll also need to make sure it's exposing a public IP address. It's not a bad idea to assign it an Elastic IP, since you'll wnat it to have the same address across instance reboots.
Finally, depending on what AMI you're running from, there may be a host firewall configured that you'll need to check on and configure to allow the traffic.

Can a managed website and a virtual machine share the same domain name in Azure?

I have a website hosted on Azure as a managed site. I need to run a separate FTP server and a custom Windows service on virtual machine, but need them to share the same domain name as the site. So what I'd like to be able to do is have mysite.com port 80 go the website, but mysite.com port 21 etc go the virtual machine and connect with the FTP service. How would I go about setting that up?
When a user looks up "mysite.com" they are going to get a single IP address, and there is no way via DNS to return different IP addresses based on the port number you are trying to use. You have a couple options to achieve this solution:
Setup an intermediate routing service that accepts all traffic to mysite.com and then routes the traffic to the appropriate website/VM based on the port number. This is non-trivial and may incur extra costs (you could build the routing service into the existing VM that is serving FTP to reduce the cost).
The easier solution is probably to have a CNAME for www.mysite.com pointing to the website, and a CNAME for ftp.mysite.com pointing to the VM.

Hosting software on my server that allows users to point their domain to using CNAME

I am creating software that allows users to either have their own custom subdomain (e.g: theirsubdomain.mydomain.com) or point a CNAME from their own domain to my website address (e.g: theirsubdomain.theirdomain.com).
I've contacted my host about this and the first subdomain option is cool. They will set-up a wilcard subdomain script for me...
The CNAME they said I can't do automatically. I will have to manually go into my account and add the domain to point to my website address otherwise apache wont now where to look for the files.
Is this common practice or is there a way around this that is automated?
The issue is the HTTP header. When you request a Web page the browser sends a request that starts out with:
GET /mypage.html HTTP/1.1
Host: www.mysite.com
The Host item allows a single Web server to serve pages for multiple domains. By looking at the Host, the server knows that mypage.html should come from its stored files for mysite.com, and not from the files of myothersite.com which is on the same server.
I am guessing your site is on a shared Web server at your host company, and they use this functionality to differentiate between requests for your site and requests for other sites that sit on that same virtual box. Some of these virtual hosts, like HostGator, will allow you to specify other domains that should be accepted on this Host line and where the returned documents should come from. This often is a more premium service offered by companies. For example on HostGator they say "The Baby and Business hosting plans allow for unlimited domains to be hosted on just one single account", however the basic Hatchling plan does not allow this.
If you have your own rented machine, with your own installation of Apache, you can manage the processing of this HTTP header information yourself. Apache supports virtual hosts, see the following documentation: http://httpd.apache.org/docs/2.2/vhosts/
So basically, you have to have some way to tell Apache (or whatever server you are using) that the files for a particular Host value corresponds to the same files for your domain, since a single Apache server may be providing files hundreds of different domains. If you are not administering your own Apache server, to where you can set up virtual hosts as shown in the documentation, the hosting service would have to provide some custom way to get this information to Apache.

Resources