Sigit Kusuma
Back to projects
Jun 15, 2024
4 min read

Setting Up HTTPS and Reverse Proxy for Synology NAS

This project focused on configuring HTTPS and a reverse proxy on a Synology NAS, enabling secure remote access using an external domain and SSL.

Client Request

The client reached out with the following request:

“Hey, how’s it going? I’m trying to set up HTTPS and a reverse proxy on my Synology NAS, but having some trouble. I want all traffic over HTTPS and to also open up some services to be accessible when not within the local network. Is this something you can help me with?”

The Challenge

The primary challenge was ensuring secure remote access to the Synology NAS. The client wanted all traffic encrypted via HTTPS and needed the ability to access certain services outside the local network while maintaining security.

Proposed Solution

After discussing the client’s needs, I recommended the following approach:

  1. Use an External Domain
    Instead of using a domain from Synology, I suggested using an external domain. This would provide an additional layer of security for accessing the NAS over the internet.

  2. Cloudflare Account and Configuration
    I set up a Cloudflare account to manage the domain and ensure secure, encrypted communication using HTTPS. Cloudflare provides DNS services, SSL, and added security features like DDoS protection.

  3. Container Setup in Synology
    Configuring the necessary reverse proxy services via Docker containers within the Synology NAS.

  4. SSL and HTTPS
    All traffic would be encrypted with SSL certificates, enabling HTTPS for secure access to the Synology NAS and its services.

Implementation Steps

1. Registering and Configuring an External Domain

  • The first step was registering an external domain for the client and pointing it to Cloudflare. Cloudflare would manage DNS and provide SSL certificates to ensure the site is served over HTTPS.
  • Cloudflare also offers SSL for free, which makes it an ideal choice for this kind of project.

2. Setting Up Cloudflare for DNS and SSL

  • Configured DNS records within Cloudflare to direct traffic to the Synology NAS.
  • Activated SSL in Cloudflare to ensure that all data transmitted between the client’s NAS and users on the internet is encrypted.

3. Configuring Reverse Proxy on Synology NAS

  • Installed and configured a reverse proxy on Synology NAS using the Synology Web Station and Docker container.
  • Set up the reverse proxy to route traffic to specific services on the NAS while ensuring all requests are routed over HTTPS.

4. Enabling Remote Access

  • Once the reverse proxy was set up, I configured the NAS to allow access from outside the local network, utilizing the new domain and Cloudflare’s DNS services for stable and secure connectivity.
  • Services that needed to be opened up were specified in the reverse proxy settings to ensure only the intended services were accessible.

5. Testing the Setup

  • Finally, I performed thorough testing to ensure the NAS was accessible remotely via the new domain, and that all traffic was properly encrypted over HTTPS. The client could access their Synology NAS securely from anywhere.

Conclusion

By using an external domain, configuring Cloudflare, and setting up a reverse proxy, we were able to meet the client’s needs for secure, remote access to their Synology NAS. The implementation ensured that all traffic was encrypted with SSL, and the client could now safely access services from outside their local network.

Client Review

Client: Business Owner
Feedback:
“Sigit was exceptional to work with. He communicated clearly, and got started right away. Highly recommend using Sigit for your next project or task!”
Rating: ★★★★★

Prev
Proxmox High Availability Implementation
Next
WordPress Migration to Synology NAS with Cloudflare Tunnel