Hi
Some days ago I started using my first NAS for my small business. I followed tutorials and the Syno guides and of course discussions on this Forum.
However, I am a bit worried about my security settings and setup. I don't know if my NAS is too much exposed outside. I am not a specialist and I would like to share with you my "setup", hoping in some tips:
NAS setup
- I am NOT using DDNS
- I have a Let's Encrypt certificate
- I changed the HTTP and HTTPS ports for DSM
- I am redirecting all the HTTP requests to HTTPS
- QuickConnect is deactivated
- Password are strong
- In Security > Firewall I have the following:
DSM ports (HTTP and HTTPS) Allowed
Port 80 is Allowed
Port 443 is Allowed
XXXX (the port I defined for the VPN) is Allowed
Then I have "Deny All" rule at the really bottom .
Router
I have port forwarding for the following ports
- 80
- 443
- XXXX (The port I defined for the VPN )
That's it.
Are my NAS and Router correctly set?
Port forwarding port 80 and 443 is necessary? It's dangerous?
Thanks!
Some days ago I started using my first NAS for my small business. I followed tutorials and the Syno guides and of course discussions on this Forum.
However, I am a bit worried about my security settings and setup. I don't know if my NAS is too much exposed outside. I am not a specialist and I would like to share with you my "setup", hoping in some tips:
NAS setup
- I am NOT using DDNS
- I have a Let's Encrypt certificate
- I changed the HTTP and HTTPS ports for DSM
- I am redirecting all the HTTP requests to HTTPS
- QuickConnect is deactivated
- Password are strong
- In Security > Firewall I have the following:
DSM ports (HTTP and HTTPS) Allowed
Port 80 is Allowed
Port 443 is Allowed
XXXX (the port I defined for the VPN) is Allowed
Then I have "Deny All" rule at the really bottom .
Router
I have port forwarding for the following ports
- 80
- 443
- XXXX (The port I defined for the VPN )
That's it.
Are my NAS and Router correctly set?
Port forwarding port 80 and 443 is necessary? It's dangerous?
Thanks!