Host from home WordPress/Domain name with SSL/HTTPS on Synology NAS

Host from home WordPress Domain name with SSL HTTPS on Synology NAS

Have you installed wordpress on your Synology and want to use your website domain name instead of your synology name or Lan ip? You want your blog site to be reachable from all parts of the world with a secure SSL / HTTPS connection?  Do you want to host your site directly from home without having to pay for the increasingly expensive hosting service?

Attention: this guide works for all types of Synology 2Bay-4Bay-5Bay etc. It works perfectly starting from DSM 6.2 + and hopefully for all the future versions too.
Warning: This Guide works perfectly if you have a FIXED IP. If you do not have it, there are additional steps to do that are not included in the guide. I advise you to talk to your internet service provider and to buy directly from them a FIXED IP that will identify you every time you make an internet connection. If you are a synology nas user, the dynamic ip will only complicate the procedures by making you become a victim of other unnecessary services and procedures.

After 24 hours of breaking in my synology DS718+, I decided it was time to install wordpress from the package offered by synology.

Let’s start from the beginning: First of all, buy a Synology Nas. I strongly recommend the DS718 + or the DS218 + version, although the procedure also works on “older” versions. I recommend these two models because they offer the possibility of upgrading the ram and the processor is more powerful than the predecessors.

So, before starting you have to install all these applications from the Package Center:

download Synology package

-PHP 5.6
-PHP 7.0
-Maria DB 10
-Apache HTTP server 2.2
-Apache HTTP server 2.4

Now go register a new personal domain, in my case I registered via GoDaddy.

register new domain

After registering the domain go to the appropriate section of the register (in my case GoDaddy) and look for the DNS option.

go to dns

Now all you need to do is change the A records and enter your STATIC IP provided by your internet service provider.

change A records

Follow the instructions in the following image scrupulously and hit save.

Save a records

Warning: Now go read Paul Barrett’s guide on how to install wordpress. Below I will provide instructions for operating your domain via https / SSL. First of all remember to open the following ports on the “Port Forwarding” router. After having done so, save the settings.

Port 80 on TCP

Port 80 on UDP
Port 443 on TCP
Port 443 on UDP
Port 5000 on TCP
Port 5001 on UDP

Port 80 will allow visitors to visit your site, port 443 will allow visitors to visit the site via ssl protocol, port 5000 is the port of your DSM login, port 5001 is the port of your DSM login in https version / ssl. I own a D-Link router but most routers allow you to change these settings directly by typing in your browser bar Remember to include in the port forwarding the local ip of your Synology device that will be slightly different from router. The instructions entered in your router should appear this way:

router port forwarding

Now in your dsm go to Control Panel -> Security – Certificate.

add ssl certificate

Click on ADD and follow the next image:

add certificate ssl step 2

Continue to follow the next image. If you already have a certificate bought from a third party, you can import it by entering the CSR. If you want a new and totally free one released by let’s encrypt, then continue to follow the instructions on the image below.

add certificate ssl step 3

Enter your domain name, then your email and then www followed by your domain name. Then click save.

add certificate ssl step 4

Now comes the most important part. Go to Configure and carefully follow the instructions in the image below.

FTPS: to access to your DSM via ftp ssl
System Default: to access your DSM via to access ssl www version of your domain to access ssl of your domain

add certificate ssl step 5

Now you can perfectly connect to your site in the https version.
Also remember to edit the .htaccess file in the wordpress folder to force ssl access and insert:

RewriteEngine On
RewriteCond% {HTTPS}! = On
RewriteRule ^ (. *) $ Https: //% {HTTP_HOST}% {REQUEST_URI} [L, R = 301]</​code>

Remember, these lines of code will be written at the beginning of your .htaccess not in the middle, not at the end, but at the beginning of the file, before # BEGIN WordPress. You can access your DSM by entering your https domainame: 5001 But first of all, you will have to follow the image below:

connect dsm synology using your domain name

To prevent using port numbers to access the NAS DSM, I have recently found out that you can use the NAS as a reverse proxy.
You’ll find it it Control Panel -> Application Portal -> Reverse Proxy

Then set up e.g. to point to eg. https://your_nas_internal_ip:5001

Remember to add the host name in your DNS as an A record (or simply add * to point to your external IP.
You should also add the sub-domain to your SSL certificate from Lets Encrypt, either by creating a new certificate or by removing the old and then add the sub-domain under alternative name (you can add more than one domain, separated by a semi-colon)

This post was updated on Tuesday / February 19th, 2019 at 1:11 PM