1

A customer would like to lease an IP address and point it to a dedicated web server with the intention of "masking" the server's IP address so it would be difficult to tell where the site is hosted.

I found a company that leases IP addresses here: http://www.webhostingtalk.com/showthread.php?t=1191688

Is this even possible? Can they rent an IP address from a 3rd party in order to hide the server's IP address?

Update:

My client will be hosting a government leaks site and is trying to become Raid-Proof similar to what the pirate bay did: http://torrentfreak.com/pirate-bay-moves-to-the-cloud-becomes-raid-proof-121017/

Only that I'm worried about using a reverse proxy because of the latency it could cause having the app servers hosted in one data center and the load balancer/reverse proxy in other and also having to pay twice for bandwidth.

net-girl
  • 27
  • 1
  • 1
  • 3
  • keep in mind that this can't completely hide the server's IP address. whatever IP you "rent" will need to know where to ultimately connect to. that MUST be in the configuration somewhere. if the person/organization trying to locate the server is persistent or powerful enough, they will get access to the "rented" IP (i.e., that server) and get the real IP from that machine. – longneck Nov 14 '12 at 01:37
  • 2
    Yes, but.. this will _not_ protect you from DDoS attacks, and it won't protect you from law enforcement. – Michael Hampton Nov 14 '12 at 01:43
  • It might help to tell us why they want this. Might be solving a problem that doesn't exist (or that can't be ultimately avoided) – gparent Nov 14 '12 at 01:50
  • 1
    The client will be hosting a government leaks site and is trying to become Raid-Proof similar to what the pirate bay did – net-girl Nov 14 '12 at 04:14
  • @net-girl - your concerns about latency are valid. Another option is to look at someone like [PRQ](http://prq.se/?p=dedicated&intl=1) - they host ThePirateBay and their way of dealing with DCMA's are to delete them. – Mark Henderson Nov 14 '12 at 04:40
  • 2
    Keep in mind, the pirate bay not only uses a Reverse Proxy, but they also have Encryption to protect their data. The raid-proof concept is how fast they can get the site on line, not really that the Govt can't figure out their identities. – Jacob Nov 14 '12 at 05:13
  • 1
    Aha. Well. If that's what you're doing, then you probably want to look at Wikileaks and the challenges they've had with hosting their web site. Unfortunately the question is much too broad for us to handle completely here, and I would suggest you hire someone with experience in this area. – Michael Hampton Nov 14 '12 at 15:59

2 Answers2

8

You can achieve this in multiple ways, but basically you need to set up a web server somewhere else, and then reverse-proxy the HTTP requests.

It doesn't matter where, and don't bother with "renting" any IP space.

You can do something like this for free with Amazon's EC2 micro (free) instances, or basically any VPS provider that will give you root access to a Linux installation.

Good news is doing this with Amazon's EC2 is that it's simple enough to change your IP address if you need to in future, just release your old IP and assign a new one.

I have used methods to bypass geographical restrictions on certain services. Starting a free Micro instance, and then proxying via a VPN into an area that people can't normally access. Just don't be surprised when you receive a Cease and Desist.

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
  • Similar to the problems with Cloudflare in [this answer](http://serverfault.com/a/448449/32986) hosting with Amazon (even in diverse availability zones would make you vulnerable to takedown notices. You really need multiple diverse hosting arrangements, in areas with strong freedom of speech protections. – voretaq7 Nov 15 '12 at 06:17
2

You could probably kill two birds with one stone by setting up your website with a content distribution network. Cloudflare is getting a lot of press lately, and seem to be pretty well recommended, but there's other options.

This will also probably speed up your website for people near CDN servers, and possibly add another level of protection of ddosing with some CDNs.

If this is to avoid legal entanglements, I have no idea. Someone somewhere needs to know who you are to reach your website.

Journeyman Geek
  • 6,977
  • 3
  • 32
  • 50
  • In this particular case (government leaks site) a CDN would probably be a bad choice -- a takedown order to the CDN would knock out all of your distributed data. – voretaq7 Nov 15 '12 at 06:07
  • Thats wasn't mentioned when I actually answered it ;p – Journeyman Geek Nov 15 '12 at 06:09
  • I know, but the person who stumbles on this in a year, hosts their site on Cloudflare, and then gets knocked off the net by a nastygram from the attorney general's office might not be bright enough to figure it out :) – voretaq7 Nov 15 '12 at 06:12