Can someone please explain to me, a casual home user, why it's dangerous to expose my NAS login page to the internet?... - eviltoast

…without snark or jumping down my throat. I genuinely want to know why it’s so unsafe.

I’m running a Synology DS920+, with my DSM login exposed through a Cloudflare tunnel. I have 2FA enabled, Synology firewall enabled with these rules in place. I also have this IP blocklist enabled.

After all of this, how would someone be able to break in via the DSM login?

  • Accomplished-Feed123@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Question: and I ask here because I think it pertains to the conversation but I’m not sure. I enjoy using the remote connect features of my Synology NAS. I do DDNS and quick connect. I use 2FA and a 14-16 character password. I’ve disabled the default admin account and I use the firewall.

    I like to use my iPhone to stream movies and look at docs while on the road.

    Am I at a huge risk?