Synology: Securing NAS When Exposing It to the Internet

Synology Securing NAS When Exposing it to The Internet

Should you expose your Synology NAS to the Internet? Certainly, if you use the NAS as a web server. In this guide, I will teach you how to secure your Synology NAS once it is exposed on the Internet. Have you decided to host your WordPress website and show it to the world using your Synology NAS? I will teach you how to protect yourself and become invulnerable to every attack, recent and old.

  • STEP 1 – Make a Difference

Please Support My work by Making a Donation.

  • STEP 2 – Not all Routers Are the Same

A lot of routers are full of vulnerabilities. You may find a router at a bargain price at the supermarket and think to yourself ‘What a good offer!’ and buy it. When you get home, you give your bargain of a router access to your PCs, tablets and mobile phones not knowing the dangers you are about to expose yourself to.

Protect your home and office Internet connection with a router that can actually protect you. Let’s talk about the Synology RT2600ac router. Its powerful SRM operating system is leading edge technology and the best choice for your Synology NAS and your home network. Without a good router with intelligent software you can never really protect your NAS. Most attacks are blocked directly by the router if it’s equipped with a state-of-the-art firewall and powerful tools such as Threat Prevention. Threat Prevention dynamically guards the network security of your Synology Router and its subordinate devices in the following ways:

  • Inspecting Internet traffic to detect and drop malicious packets.
  • Recording network events and offering statistical analyses regarding malicious sources.
  • Delivering alert notifications on Log Center, via e-mail and SMS.
  • Allowing manual and automatic updates for enhanced protective power.

Another strong point is the Safe Access application. Safe Access shields your network and allows you to manage the devices connected to your Synology Router. With Safe Access, you can set up different levels of web filters and impose daily time quotas on different users. Your network will benefit from the following features:

  • Internet Schedule: Set up when to allow or block Internet access.
  • Time Quota: Configure daily time allowances for Internet access.
  • Web Filter: Set different levels of access restrictions and customize your own web filter to block inappropriate websites (parental control).
  • STEP 3 – Change your Default DNS on Router and NAS

Change your ISP default DNS with OpenDNS both on your NAS and Router.

  • STEP 4 – Install Real Time Protection on your Devices

An Antivirus must be installed on all your PCs that access the Internet. Your Antivirus must be equipped with the “Real time” protection function. It must block both viruses and potential malware before they enter your system. To protect your NAS, first protect the computers within your home network with powerful and cutting-edge tools. Protect your computers, mobile devices, and tablets from viruses, ransomware, malware, spyware, phishing and more.

  • STEP 5 – Choose a Strong Password

You need a strong password for your Synology NAS and Router which should include capital letters, lowercase letters, numbers and special characters.

  • STEP 6 – Enable 2-Step Verification

Activate PIN verification on your NAS that will send a PIN to your mobile number after you insert your password.

  • STEP 7 – Set up Synology NAS Firewall

Properly configure your Synology NAS Firewall.

  • STEP 8 – Activate Auto Block

Enable Auto Block in Control Panel / Security and add IP BLOCK LIST.

  • STEP 9 – Disable Unused Services, Applications, Accounts

Do you have services you don’t use on your NAS? Turn them off. Do you have applications you don’t use? Uninstall them. Do you have users who no longer access the NAS? Delete them.

  • STEP 10 – Install an SSL Certificate

Activate the DDNS service and log into your NAS via the SSL certificate.

  • STEP 11 – Keep your Synology Devices Updated

Download the latest version of your DSM operating system for the NAS and SRM operating system for your Synology router. Remember to update all the packages you use.

  • STEP 12 – Do You Run WordPress? Configure your .htaccess on WordPress

Protect the security of your site via .htaccess and get the A+ result just like mariushosting. Don’t know how to do it? Contact me and I’ll help you set it up.

A+ Security score

  • STEP 13 – Backup Strategy

Use Hyper Backup to protect your website. Each backup copy of your data and databases will make you sleep peacefully.

This post was updated on Sunday / August 30th, 2020 at 2:37 AM