Once I ran a portscan of my own public IP from outside the house.
A webserver was listening at port 80, which turned out to be the control panel to my router.
I called up the ISP who provided the router. They explained that they needed this setup to remotely access and debug their customers' private networks.
Consequently, the port-forwarding settings had no option to turn off this " neat little feature".
Is this a normal approach? And am I wrong to think that this is a horrible setup?