Ok, so now I have set my webserver up to allow me to access my cameras from outside my LAN without exposing the cameras themselves.
Aprelium Abyss Web Server
I am using a very nice and free web server called Aprelium Abyss Web Server. What I really like about this server is the ease of configuration as well as the posibility to host native .Net apps.
I found this server a number of years ago when I was looking for a way to host a .Net web page and I needed the web server to run on Windows XP. Sure XP had a personal version of IIS, but that was SEVERELY limited and basically did not work the way I wanted it to. So I started looking for option and at least back then they were equally severely limited. Then I happened on this nice web server and presto!
You can run the server on both Windows, Mac and Linux. I have tried to install the server on Windows and Linux and both worked like a charm. The linux version can not run .Net apps however.
The basic setup is really easy. Not only installation wise but configuration wise as well.
The basic configuration has the server as http on port 80. Coming from the IIS world I kind of like my default document folder to be named inetroot. The default folder in Abyss is to htdocs so I changed this as a personal preference. This step is in no way requird to make things work.
I created a folder “cam” inside the inetroot folder and added a Index.html file to it.
Reverse proxy allows the web server to access resources inside the firewall and pass the information on to the web page. This was always one of the major hickups I encountered before. As I have mentioned before I absolutely refuse to expose the actual cameras to the web due to security issues. This way I can access the cameras without actually exposing their built in web server to the world.
In the Abyss consol I did the following
- Press Configure on the host
- Press the Reverse Proxy option
- Add the different cameras as different paths. For instance “/cam/camera1”, “/cam/camera2” etc. and point the proxy to their respective image URLs. Note: For some reason the DCS-935 generates a 500 server error every other time the reverse proxy is called, I have no clue why.
- Restart the server (with comes up as a bar in the console gui)
As mentioned before I do not wish to expose the cameras to the world. Sure they currently only show my garden ouside but still. So I needed to find a way to password protect the cameras.
Here Abyss comes with another nice feature. Access control. You can add users and/or groups and then set certain virtual paths to only allow the specific users/groups. This was spot on what I wanted. In my case I created a user and set the /cam/ folder to only be accessable to that user… which in turn made the different cameras password protected at the same time. Perfect!
Passwords are good… but if you expose the passwords by sending them in clear text then just about anyone can sniff them out and start using them themselves. I obviously needed to make my side Https.
I have no real need for a CA certificate since I will pretty much be the only one using my site. So a self signed certificate is good enough for my uses.
Yet again Abyss stepped up to the plate. Changing the standard Http to Https was quick and painless… or so I thought… The configuration worked flawlessly and it seemed to work as intended… but my web page refused to show.
It did not take me long to realize my mistake. Http runs standard on port 80. Https runs standard on port 443. My router was set to allow port 80 but not port 443. I simply changed my router settings from port 80 to port 443 and then the page was back up and running again.
You can read about how to change from http to https here:
I consider this part of the project done.
Next will be to look closer att Google Firebase Cloud Messaging and making a very basic Android app that allows the server to send a notification to my cellphone. So far I have only installed Android Studio but have not even opened it yet 🙂