Can someone please explain to me, a casual home user, why it's dangerous to expose my NAS login page to the internet?... - eviltoast

…without snark or jumping down my throat. I genuinely want to know why it’s so unsafe.

I’m running a Synology DS920+, with my DSM login exposed through a Cloudflare tunnel. I have 2FA enabled, Synology firewall enabled with these rules in place. I also have this IP blocklist enabled.

After all of this, how would someone be able to break in via the DSM login?

  • R8nbowhorse@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Because you’re going to be hit by the next of the countless pre-authentication vulnerabilities that constantly pop up for appliance’s like yours.

    All your security measure will do absolutely nothing in that case.

    I don’t get why you don’t just set up a VPN? It isn’t more complicated than what you did, and offers far superior protection. And for 99% of use cases, you don’t loose any functionality either.