Self-Hosted Web Server のポート転送
開放するポート
なぜポート転送が必要?
Running a personal blog, status page, or photo gallery from home means inbound 80/443 must reach the LAN host. With a dynamic DNS service (DuckDNS, Cloudflare DNS) you can keep a stable hostname despite ISP IP changes.
ルーターブランド別手順
TP-Link
- Get a static internal IP for the server
- NAT Forwarding → Virtual Servers → forward 80 and 443 to that IP
- If your ISP blocks 80 (some do — check by trying outside), use port 8080 → 80 instead
- Set up DDNS in the router for a stable public hostname
Netgear
- Advanced → Dynamic DNS → register a free hostname (No-IP, DynDNS)
- Port Forwarding → forward 80 + 443 to the server's LAN IP
- On the server, point Nginx / Caddy / Apache at those ports
ASUS
- WAN → Virtual Server → Add 80 and 443 forwards
- WAN → DDNS → enable ASUS's free *.asuscomm.com hostname
- On the server, configure Caddy / Nginx with that hostname for automatic Let's Encrypt
セキュリティの注意
Use Caddy or Nginx with auto-TLS, keep ssh on a non-default port if also exposing it, and rate-limit. Cloudflare Tunnel is a strong alternative that requires NO port forwarding.