Emma loves Minecraft. It's no surprise, as it's a cross between Legos and D&D, both of which I loved as a kid. Some of her friends love it too and they want to play together in their own server worlds. We run server worlds in our LAN, so they can do this when they come over to visit. But she has at least one friend who lives far away and really wanted to do this without having friends come visit in person to get on our LAN.
That means exposing her worlds to the internet.
I discussed with her the risks. Security is only so good - there will always be holes that a sufficiently determined hacker can get through. So you turn on whatever security is available and make regular backups in case the worst happens. Then decide if the benefit is worth the remaining risk. In her case, it was.
So I looked into different ways to do this. There are several.
Cloud Hosting
The most full-serve option is to rent a VM in the cloud, run your Minecraft server on it, transfer your world files to it, and open it to the internet.
One cloud hosting solution that looked good was Host Horde It is cheap (starting at $5/month), scalable, and has good reviews.
Host Your Local Server
Here, you run a Minecraft server on a machine in your house. Then you use a static IP or Dynamic DNS to make it publicly accessible. And you configure your router to open the ports and pass them to the right machine on your LAN.
I am loathe to pay for something that I can do just as easily myself for free. And I like learning and doing new stuff with computers. I have a decent old workstation collecting dust. It's a dual core 3.2 GHz 32-bit 4 GB RAM 1.5 TB Dell running Ubuntu. More than enough processing power to run a Minecraft server.
There are several ways to get a public Dynamic DNS. I used No-IP since the basic service level is free, it has good reviews, and if your needs grow you can scale up to a paid account. The basic free service is enough to host one or more Minecraft servers.
Here's what I did.
Each step is has details below.
Creating a No-IP account is self-explanatory.
You get up to 3 hostnames at the basic free service level. You only need 1. Since I already have 'mclements.net', I used 'mclements.ddns.net'.
Go to the Minecraft directory that stores the world you want to make public. Edit the file server.properties. Set the port you want to use - the default is 25565 but you might want to change that. This might hide your server from crawlers looking for unsecured Minecraft servers to grief. Also, set whitelist to true. Save the file, then create a file called white-list.txt. In this file, enter the Minecraft usernames of the players to allow. In my case this includes me, Emma, and some of her friends. When you start the Minecraft server, it will detect that the file white-list.txt has been edited. It will look up these usernames, get each's corresponding GUID, add the usernames and guids to the file whitelist.json, and delete the file white-list.txt.
To test security: I turned on the whitelist, added Emma's username but not mine. Started the server. Tried to connect to the server world from my Minecraft client, logged in as me. It rejected me - saying I was not in the whitelist. Then I stopped the server, added my Minecraft username, started the server, connected my client again, and it let me in.
Finally, back up all your server worlds.
I do this with a simple tar command:
tar cfz mcraft.tgz world*
At this point your Minecraft server is configured and secure. You're ready to open it publicly.
My router - a Netgear N750 WNDR4300 - listed No-IP as an option in the DDNS screen. This made it easy to enable DDNS - just enter my No-IP account credentials. Whenever your IP address changes, your router will detect this and call No-IP to update the DNS record. If your router doesn't support Dynamic DNS, No-IP has a free Linux utility that does the same thing. Installing this takes only a few simple steps.
The default Minecraft port is 25565. Forward whatever port your Minecraft server is using to the machine on your LAN that's running the Minecraft server.
That's it - you're done. I recommend stopping the Minecraft world when you're not playing, as a simple security measure. I wondered if our internet connect was fast enough. We use CenturyLink, which is DSL about 11 Mbps down and only 100 Kbps up. But it seems to work just fine. Emma plays over the LAN and usually has only 1 other person playing remotely. Works just fine. If the worlds are slow, you can adjust view-distance in the server.properties file. The default is 10. You can set it to 15 on a fast LAN - the far distance views are stunning. On a public server, you can reduce it. Theoretically, cutting in half should reduce data bandwith by a factor of 4:1, since half the radius has 1/4 the area (of stuff that needs to be drawn).