Synology Reverse Proxy

Tutorial Synology Reverse Proxy

Currently reading
Tutorial Synology Reverse Proxy

1
0
NAS
DS718+
Hi Rusty.
Thanks for this tutorial. I have setup my Unifi controller so port 443 is forwarded to the Synology via RP and that seems to work fine as far as resolving addresses for the various services I have running. However, I have 2 issues:

1) Despite setting up HTTPS and assigning Let's Encrypt SSL certs, my browser shows connection is not secure. This happens whether typing in the FQDN on internal LAN or from an external connection. DDNS is via [MyDomainName].synology.me. Any idea of how I can get this to show a secure connection?

2) I still seem to be getting huge lists of threats in the Unifi Intrusion Protection System - It's just now that all requests are coming in at port 443 instead of all the other ports I previously had open via NAT.

1613043182955.png



Any advice is gratefully received.

Thanks
 

Rusty

Moderator
NAS Support
4,078
1,172
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
2) I still seem to be getting huge lists of threats in the Unifi Intrusion Protection System - It's just now that all requests are coming in at port 443 instead of all the other ports I previously had open via NAT.
Well, I guess this makes sense. At least now you can protect and harden that single port instead of fighting on multiple fronts (ports).

Considering that you are opening on 443 to the world the only thing you can do now is limit and terminate the connection on the IPS/IDS level to prevent it from even reaching your NAS from specific sources (countries).

1) Despite setting up HTTPS and assigning Let's Encrypt SSL certs, my browser shows connection is not secure. This happens whether typing in the FQDN on internal LAN or from an external connection. DDNS is via [MyDomainName].synology.me. Any idea of how I can get this to show a secure connection?
If you have a valid cert this shouldn't happen, however, the question remains when does this happen exactly? When you access it using the root domain, or some xxxx.mydomainname.synology.me domain? If you are using it with multiple subdomains, does your cert cover those domain names? Is it a wild card cert or a single named one? Does it have any SAN values inside it?

Give a bit more info on it, also, have you tried with multiple browsers?
 
4
0
NAS
DS218+
Anybody knows how can I restart nginx via ssh in DSM7?

synoservicecfg –restart nginx doesn't work 🙄
-ash: synoservicecfg: command not found
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

if we are talking about the host side of a docker container port mapping, then yes, this is not going to...
Replies
12
Views
569
fredbert submitted a new resource: Synology Product Security Advisory - A link to the latest DSM and SRM...
Replies
0
Views
176
Know about it but no ios app for it as far as I see so not really my main target platform
Replies
2
Views
375
As above. SMB has been refined considerably by Apple so that even the minor Terminal tweaks are no longer...
Replies
20
Views
876
Geeked submitted a new resource: How to setup and run Reactive Resume in Docker on Synology - A...
Replies
0
Views
456

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top