Outside Access

From LinuxMCE
Revision as of 17:46, 5 June 2006 by Wikiadmin (Talk | contribs) (Imported document)

(diff) ←Older revision | view current revision (diff) | Newer revision→ (diff)
Jump to: navigation, search
This page was written by Pluto and imported with their permission when LinuxMCE branched off in February, 2007. In general any information should apply to LinuxMCE. However, this page should be edited to reflect changes to LinuxMCE and remove old references to Pluto.

If both of these boxes are unchecked, then it will not be possible for anyone to access any part of your system from outside the home unless you manually make changes to the firewall in the Advanced section.

Check the first box if you want to be able to access the Pluto Admin website from outside your home. Once checked, you will be able to go to any internet browser anywhere and go to the URL http://youripaddress/pluto-admin to reach the site.

There are 2 potential problems, both of which are easily solved with very low-cost optional services from Pluto. The first is that to access your home system you need to know the ip address that globally identifies your computer, and put it in the "youripaddress" on the URL. But most residential DSL and cable internet services do not provide their customers with a static ip address--it changes all the time. Pluto offers a DNS service so that instead of needing to know your ip address, you can access your pluto system by going to: http://yourusername.plutohome.com. Even if the IP address changes all the time, you can still get to your home pc.

The second problem is that if you check that box the connection will not be secure and it would be possible for someone to "listen" to your communication and intercept your password, thereby being able to control your house. To solve this you can obtain your own SSL secure certificate from a company like Verisign. This is what banks and online merchants use to encrypt confidential financial transactions. With a secure certificate you would access your web site with an "https://" instead--the s means secure. Everything would be secure and encrypted using the same method you use to access online banking and other secure sites. However setting up your own secure certificate can be costly and complicated. Therefore Pluto offers an SSL forwarding service. With this service you would access Pluto's secure web site using https://yourusername.plutohome.com, and our server would automatically setup a 'secure tunnel' that redirected you to your site. You would still use your site the same way, the only difference is all the communication would be encrypted using Pluto's secure site. Both of these services are available for around $1/day. Login to plutohome.com and click 'My Pluto' to learn more.

If you do check the box to allow outside access, you may find that even if you know your ip address you still cannot access your server because your ISP blocked incoming connections on port 80. Port 80 is what internet browsers use to connect to a web server. You can try changing the port from 80 to something else, like 3080. If you do, then you will need to access your web site like this: http://youripaddress:3080/pluto-admin. If that still doesn't work, you may need to talk to your ISP, or consider using Pluto's SSL secure service since that does not require your ISP to permit incoming web connections.

The Allow outside access is mainly used when you want tech support to be able to help you configure or troubleshoot. There is no 'back door' to Pluto, and Pluto staff have no way to connect to your system unless you check this box. If you request tech support and you want to allow Pluto to access your system, check the box and then type in a password. You will then give the support rep the password, and with that password, the support rep will be able to login to your system, inspect the logs, look at your configuration, and run diagnostics. As soon as you uncheck the box or change the password the connection your Core will immediately drop the connection and the support rep will not have access anymore. When you enable remote access, the connection the support rep uses to access your system is secure and encrypted using a protocol called SSH.