0
I run a self hosted Wordpress blog off of my home headless Ubuntu Server 12.04. What is the best solution for hiding my IP address number from showing up if someone where to type my domain name into an IP tracker? Is there some kind of masking solution? If they do, I am not sure of how either a VPN or a web proxy would apply here.
user98496
Posted 2013-11-14T16:43:39.883
Reputation: 683
5
Why do you believe hiding your IP address will make your implementation more secure? If the resources (any of them, including graphics, code, etc.) serve from your house, I can discover this.
I assume your desire is to prevent the likelihood of intrusions into your home network. The correct answer to properly preventing this is to host the site elsewhere. Especially considering that most ISPs providing residential service have express statements in their service agreements and contracts forbidding hosting public sites and services.
Now, you can proxy services to another server. This works by having a server somewhere else be the sole client of your hosted site. A user makes a request to the proxy service, which then retrieves it server-side from your house. Optionally, it also caches these resources to serve as an accelerator.
But honestly, unless you use some free service for doing that, any capital spent implementing this is better put into just hosting the site directly at a data center, which is dirt cheap nowadays.
Tohuw
Posted 2013-11-14T16:43:39.883
Reputation: 507
1Hi, I meant to respond to this earlier, but I've been busy. You have it right that I was concerned about intrusions into my home network. As my interest in security has awakened, it was really just a question that I admit deserved more research prior to posting. Nonetheless, I will take your suggestion and have a look at some of the web hosting services that are out there. Thanks. – user98496 – 2013-11-22T21:24:41.360
2
A Tor hidden service will accomplish this IF nothing in the content of your site will give away your home IP. You may wish to take additional steps to mask identifying information such as hiding your web server banner, etc.
Of course, users will need to
use Tor to get to your blog. Fortunately with the Vidalia bundle this isn't too difficult but some non-technical users may be put off, OR
use a public Tor gateway. These are not always reliable or available. Users are forced to trust that the gateway provider has not tampered or sniffed traffic, but you as a hidden service provider are safe. However no installation of Tor is needed. "tor gateway" in a search engine will bring up some examples.
LawrenceC
Posted 2013-11-14T16:43:39.883
Reputation: 63 487
@Sirex: Doesn't that depend on why you want to be anonymous? – zondo – 2017-08-12T20:40:08.017
1overkill, much ? :-) – Sirex – 2013-11-14T17:16:48.827
If it's worth doing, it's worth doing right. :) – LawrenceC – 2013-11-14T18:05:41.893
0
It can be done, by using a kind of open proxy.
What you need to do is to obtain control of another machine (maybe even just a shell) on a different pc (we'll call this a proxy), register the domain name you wish your users to know you by, and configure the proxy so that it replies by that name.
At the same time, you need the proxy to forward all Web page requests to your home, and to drop any other request for service.
I am sure there is a name for this kind of service, but I now forget. I called it, naively, open proxy to imply that its name and IP address are know to everyone, but it will not provide undiscriminate services to all, just access to your Web site.
With NATting and iptables the proxy system can expunge any reference to your home IP.
MariusMatutiae
Posted 2013-11-14T16:43:39.883
Reputation: 41 321
1what you describe is called a reverse proxy. – Sirex – 2013-11-14T17:14:43.193
ty, my age shows, had a total blnk... – MariusMatutiae – 2013-11-14T17:16:39.323
2The main question I have is "Why would you want to hide the IP address?" There is no reason for it. – Hennes – 2013-11-14T16:49:11.607
3@user98496 - You can't. A domain must be pointed to an ip address. You can point that to a single server which depending on the load directs it to another ip address. In either case the ip address the browser connects to will be known. This is a requirement for that domain to even work. – Ramhound – 2013-11-14T17:08:09.747