Should I use another router to setup my web server at home?

Linusky · Nov 6, 2017

Here is the situation: I currently have a decent router, setup is ISP->Modem->Router->PC
What I am trying to do is to setup a webserver for my blog at home, but to minimize the risk, I would like to isolate my home PC and stuff from the server. Let us assume the Router is X, my desired setup is this: ISP->Modem-> Router X(DHCP)->current Router (DHCP disabled)->Home PC
OR->Straight to my WebServer from Router X
Should I buy a router for "x" or should I do something else? If so, what are the cheap options there (Since I am not using wireless, as long as a good Ethernet speed is good)?
Also, Does the ethernet speed such as 100 mbps and 1000 mbps matter much?

Ralston18 · Nov 6, 2017

Start with the following link:

https://www.lifewire.com/how-to-enable-your-wireless-routers-built-in-firewall-2487668

However, keep in mind the bigger picture. Here is a similar link/posting from within this forum:

http://www.tomshardware.com/answers/id-3487403/hardware-firewall-secure-home-network.html

Just some other options and thoughts therein worth considering.

Yes. Ethernet speed matters. A network will perform only at the speed of the slowest component or cable.

Linusky · Nov 6, 2017

Ralston18 :

So are you suggesting just go with another router? (I read your first link before but it is not secure because if webserver is exposed to the internet your router firewall becomes useless, if webserver gets compromised the entire network would too.And that is exactly what I am trying to prevent. ) Just for some reference, I got my info here:https://boutell.com/newfaq/creating/dmz.html

Ralston18 · Nov 6, 2017

Always trade-offs involved. And there will always be security risks.

List and prioritize your security concerns and requirements. Make the list a checklist that you can mark off as each concern is addressed to your satisfaction.

My recommendation is to do what you can with what you have. If that set-up and configuration satisfies the security requirements then go with it.

However, if that set-up and configuration does not satisfy all of the security requirements then you should be able to readily determine what you need to go "from where you are" to "where you want to be". Most likely some unchecked boxes on your checklist.

Overall end result being some understanding of what you need to fulfill all requirements and/or minimize any risk levels.

Hardware, software, configuration - many choices and options.

Overall simpler is better - less to go wrong or provide an opening for some future vulnerability as noted in the links.

Risk differences may be negligible.

Solandri · Nov 6, 2017

Linusky :

That won't provide any protection at all. In fact it won't do anything since you're using your old router as a dumb switch. To add an extra layer of protection, you need to go:

ISP
|
modem
|
current router - web server
|
new router
|
home PC

That is, plug the web server and the new router's WAN port into your current router's LAN ports (don't disable DHCP). The new router will add a second firewall, and all your "secure" devices should be connected to the new router. You can disable WiFi on the current router, unless you also want to use it to provide a guest WiFi connection. If you need to do any port forwarding for games, this means you need to port forward twice since your new router will basically be seeing your current router's network as "the Internet."

All that said, I'd strongly recommend looking into a web hosting service. A blog requires almost zero CPU, RAM, and network bandwidth. There are many web hosts which will do it for a few dollars a month. And before you say "but I can do it for free at home," no it's not free. If you pay the U.S. average of 11.5 cents/kWh for electricity, then a device that's left on 24/7 will cost you about $1 in electricity each year for every Watt it consumes. So if your "free" home web server is on newer hardware that burns about 30 Watts at idle, then it'll cost you about $30/yr in electricity to run it from home. Add in 5 Watts for the new router and you're paying about $3/month. If you're trying to reduce new purchase costs by re-using an old computer that burns 65 Watts at idle, then you're looking at $70/year, or about $6/mo spent on electricity.

That's right around what a several web hosts charge for their lowest tier of service. And they will also provide you with a static IP address, DNS, in many cases domain name purchasing (though I recommend you do that separately - I use namesilo), and most importantly automated backups and timely troubleshooting if any networking issues arise (they strive for 99.999% uptime or better).

Also, Does the ethernet speed such as 100 mbps and 1000 mbps matter much?

Unless your Internet speed is faster than 100 Mbps or 1000 Mbps, not really. If your router is 100 Mbps on the LAN side, it will cap data transfers between two ethernet devices to 100 Mbps even if both devices are Gigabit capable. But that's easily remedied by buying a $20 Gigabit switch, plugging that into one of the router's LAN ports, and plugging your Gigabit devices into the switch. They'll still be limited to 100 Mbps for anything going through the router (i.e. Internet), but they'll be able to communicate at Gigabit speed with other devices plugged into the switch.

Linusky · Nov 6, 2017

Solandri :

Well I was thinking the same but put the new router in place of the current router, and swap these positions. My current route has extended range and such, very high stat, so it would be good for wireless connections like Home PC. Then I will buy a regular router with trash wireless but gigabyte Ethernet... Wouldn't that be the same thing?(Except not disabling the DHCP) For the DHCP part, I looked up online, for some reaons all the articles say that two routers connected needs to disable the DHCP for one of them or they will conflict each other,idk.

Also, I looked into it but when they really say couple dollars a month, they really mean the 2 years contract, if you go below that, the cost goes way up... And Yeah, I know my electricity bill, about 3 dollars a month for current server, no big I suppose.

Alabalcho · Nov 6, 2017

I would do something completely different. Why not just host your blog somewhere else? There are plenty of VPS offerings for $5/mo.

boosted1g · Nov 9, 2017

One other aspect not covered is that most ISPs block default ports like 80 (HTTP), 53 (DNS), or 443 (HTTPS) for residential plans.
So you can setup all of this and and be immediately roadblocked by your ISP.
Using offbeat ports for your own internal web-gui for applications is totally fine. Since you have to manually tell the browser to use a different port than 80, this is a very very bad solution for any public website.

Between this and the security aspect, paying $5-10 a month to have hosted VPS is much much better.

Search

Should I use another router to setup my web server at home?

Linusky

Reputable

Solandri

Ralston18

Titan

Linusky

Reputable

Ralston18

Titan

Solandri

Illustrious

Linusky

Reputable

Alabalcho

Titan

boosted1g

Titan

TRENDING THREADS

Latest posts

Moderators online

Share this page