|Does your router have a DMZ? If yes, you should put your web server inside the DMZ. This segments it form your LAN preventing people from outside getting in to your network.|
Alternatively, you could port forwarding on the router. However, this method allows external users inside your LAN. If one of them should hack your web server, it could leave you completely exposed and helpless allowing them to do as they please with your server, and anything else connected to your LAN.