ToasterBotnet

If you want to access your NAS internally and externally you might run into the problem that you have to run port 5001 on your LAN and port 443 externally as port redirection. You could run on port 5001 externally aswell but that can cause problems if you want to access your box somewhere with strict firewall rules or if you want to share stuff with people. So it’s way more conveniant to just use 443 externally. If you want to run your synology directly on port 443, though, it tells you that this port is reserved and cannot be used.

You end up with a setup where on LAN you use port 5001 and for remote you redirect port 443 to 5001.

So now you have the problem that you are using different ports when your phone or laptop are on your WiFi or when they are connecting from remote. So how can you avoid changing ports in your DS Apps all the time ?

Well I found a workaround for this.

Just install web station. Change the backend to apache and add a .htaccess file to your webroot with rewrite rules:

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.)$ https://yourdomain.com/$1 [R,L] 
RewriteCond %{SERVER_PORT} 443 
RewriteRule ^(.)$ https://yourdomain.com:5001/$1 [R,L]

Now I can configure all my apps to use 443 as default and when they connect to the wifi they get redirected to 5001 internally. Also I can forward port 80 external to port 80 internal and now Letsencrypt works for auto-renewall. And for a bonus externally now port 80 redirects to https aswell.

Aren’t you all glad that technology is so straight foward all the time with obvious solutions? Synology could just let you use port 80 and 443 for your DSM Webportal in the first place. But who wants to do it the easy way if you can do it the hard way instead?

Have a great day 🙂