Skip to content

Making your web server on your local machine accessible to the internet with Remote port forwarding

Just recently, I’ve been using a 3rd party service name ngrok to allow me to expose my web server to the internet or simply allow internet to access my website or web apps.

So why do you need? If you’re a developer and you are developing web apps that integrates with other 3rd party service provider out there, you probably been stumbled working with webhooks. In my previous works, whenever I work with webhooks, you need the 3rd party app to be able to reach your webhooks endpoints to deliver useful events or data asynchronously. This is some kind of challenging work since most of the time you are working locally (in your own machine). So I use a tunneling service like ngrok and pagekite before. I was curious on how things work and I really want to do a simple tunneling on my own implementation.

So in this writing, I would like to share to you how I did it and how it helped me a lot in my development.

Say that you’re developing a Rails application on your local machine, and you’d like to show it to a friend. Unfortunately your ISP didn’t provide you with a public IP address, so it’s not possible to connect to your machine directly via the internet.

Sometimes this can be solved by configuring NAT (Network Address Translation) on your router, but this doesn’t always work, and it requires you to change the configuration on your router, which isn’t always desirable. This solution also doesn’t work when you don’t have admin access on your network.

So what do we need?

  • Your local PC (with your local web server running & your web app)
  • Remote Server  that is accessible on the internet. This is the mediator. This will serve as forwarder of TCP traffic to your local machine (PC)
  • Anyone From Internet (who will access you web app)

To fix this problem you need to have another computer, which is publicly accessible and have SSH access to it. It can be any server on the internet, as long as you can connect to it. We’ll tell SSH to make a tunnel that opens up a new port on the server, and connects it to a local port on your machine.

So let’s dig in with this command, first is -R, this flag tells the server that we want to a remote forwarding, and the next command 1100:localhost:80 means we want everytime some accesses example.com:1100, forward this traffic to my local machine at port 80. So if your local web server (the server on your machine not the remote one) is running in a different port say 9000, then you would use a command “ssh -R 1100:localhost:9000 user@example.com”. That’s it! If we access example.com:1100 and our local server is running on our PC then it should server files from our PC.

Make sure the remote server’s port 1100 is open and accessible from public. If you’re running it in AWS, make sure your security group has allowed port 1100 traffic inbound, or else, all packets coming in will be dropped.

There is one more thing you need to do to enable this. SSH doesn’t by default allow remote hosts to forwarded ports. To enable this open /etc/ssh/sshd_config and add the following line somewhere in that config file.

Make sure you add it only once!

And restart SSH

More sophisticated explanation can be found here

Published inservers

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *