only on domain and private networks coffee shop is a public type of network, also it depends on the settings of the network related to the coffee shop if the network in the coffee shop is configured as private network the inbound rule will allow access to the web server in all for all the rule has to be observed domain connections or private ones in this case only

I think what your asking is say if i had an implicit deny on incoming web traffic, regardless if i was on a public or private network, you would either need to allow all web traffic or explicitly allow only traffic from your chosen source

according to chatgpt, The ability for inbound connections to reach your web server depends on your network configuration, firewall settings, and the type of connection you've allowed. Let's break down your question: When you allow inbound connections to a web server for domain and private networks: Domain Network: A domain network typically refers to a network within an organization that is managed by a domain controller. If you've allowed inbound connections for domain networks, it means that computers and devices within the same domain network as your web server can access it. Private Network: A private network usually refers to a trusted local network, such as your home network. Allowing inbound connections for private networks means that devices connected to the same local network as your web server can access it. Whether someone can access your web server from a coffee shop or any external location depends on additional factors: Public IP Address: If your web server has a public IP address and is accessible from the internet, people from any location, including a coffee shop, can access it if they know the IP address or domain name associated with your server. Port Forwarding: To allow external access, you might need to set up port forwarding on your router/firewall to route incoming requests on specific ports (like port 80 for HTTP) to your web server's internal IP address. This configuration enables users from outside your local network to access the web server. Firewall Rules: Your server's firewall rules need to allow inbound traffic on the specific ports you want to use for your web server. If you've configured your firewall to only allow inbound connections from domain and private networks, then users from coffee shops and other external locations might be blocked. VPN or Remote Access: If you're using a VPN (Virtual Private Network) to access your domain or private network remotely, you might be able to access your web server from a coffee shop through the VPN connection. This would make it appear as though you're on the trusted network. In summary, allowing inbound connections for domain and private networks means that devices within those networks can access your web server. To allow access from external locations like coffee shops, you would need to set up appropriate network configurations, including port forwarding and potentially VPN access, depending on your specific requirements and security considerations. Always prioritize security and ensure you're following best practices for network and server setup to protect your resources.