1. Install any VNC server. (e.g. TightVNC)
2. Install Python. (download installer from the web site)
3. Install numpy. (e.g. 'pip install numpy' in admin command prompt)
4. Install websockify. (download from github then run 'python setup.py install')
5. Install any Web server or Google public online noVNC client. (must support SSL if you want encrypted remote desktop)
6a. Create a self-signed cert (key and cert files) with the domain name as the common name. (you can use online self-sign cert generator)
6b. If the web server can generate cert (e.g. Abyss), use the key and cert files generated by the server instead.
7. Setup a web site on a port (e.g. port 443) the root pointing to noVNC\...\ containing the file vnc.html with the cert files and enable SSL.
(You don't need web site and server if using publick online noVNC client)
8. Register a free dynamic IP service (e.g. noip.com) to have a domain pointing to your public IP.
9. Install the dynamic IP client from the service to update your IP.
10. Run websockify in an admin command promot (doesn't matter where to run the command as it's installed).
(websockify --cert= --key= :80 :5900, forward websocket from 80 to VNC server 5900)
(e.g. websockify --cert=myhp.crt --key=myhp.key 192.168.0.15:8080 192.168.0.15:5900)
11. Setup your router forward ports to your web server (443) and websockify (8080) or you can use tunneling service like ngrok.
(If using ngrok, the forwarded address must much the websockify incoming IP (e.g. ngrok is localhost, must be localhost)
12. Open the vnc.html (e.g. https://yourdomain/vnc.html) on a client web browser.
(For self-signed cert, websocket will fail. Run "chrome --user-data-dir=c:\temp\chromtest --ignore-certificate-errors" to use chrome ignore cert error)
13. Set the connection settings on the web page as Encrypted, Hostname: yourdomain, Port: 8080, Path: blank. Then click connect on the page.
Open VNC HTML