Redirect HTTP to HTTPS on Synology NAS

When having the Synology DSM open on port 5000/5001 I can configure it to always redirect to 5001 (HTTPS). But now I have created a custom sub-domain and a rule in the reverse proxy to route traffic on this sub-domain with HTTPS/443 to localhost:5000 so that I don't have to expose port 5000/5001 directly. But now I can't get the auto-redirect to work anymore. If entering http://nas.mydomain.com:80 I don't get redirected to port 443 but to 5001 which is closed. Can I configure it to redirect to 443 instead?

Andreas Zita

Posted 2017-06-13T16:33:46.873

Reputation: 199

I'd just like not having to enter any port at all. I mean just entering "nas.mydomain.com" in a browser should take me to the secure endpoint and by default it will be http:80 which then would redirect me to https:5001. But if entering https://nas.mydomain.com:443 explicitly, that should work too and not redirect to anything. I also have another web-app I want to work in the same way, on another sub-domain. – Andreas Zita – 2017-06-13T16:52:44.917

Answers

Synology DSM Menu > Control Panel > External Access -change http to 80 and https to 443 like this (Control Panel example setup)

No need to forward the ports just changes them in the control panel since from a security point of view its the same just what you are doing adds extra work and more resource usage from the NAS.

repairmant

Posted 2017-06-13T16:33:46.873

Reputation: 74

Thanks for the suggestion, but that didn't work for me. Still get routed to 5001. – Andreas Zita – 2017-06-13T17:12:52.793

Make sure any of your redirects that you might of manually tried have been removed. Also dont forget to reboot your NAS and router just to be sure the settings take. – repairmant – 2017-06-13T17:21:08.730

Still nothing. All I have now is port forwarding 80:80 and 443:443, a reverse proxy rule https://nas.mydomain.com:443 to http://localhost:5000, opened 80 and 443 in firewall (do I need to open 80 in this case?). And added your suggestion as well. When going to http://nas.mydomain.com it redirects to port 5000 and times out. If having the autoredirect-option turned on I get redirected to 5001 instead. But also times out. When entering httpS://nas.mydomain.com it all works fine. Strange. – Andreas Zita – 2017-06-13T17:43:30.683

Yes forward port 80. Did you reboot both your NAS and router? Also make sure to clear your browser cache and cookies also. – repairmant – 2017-06-13T17:46:07.167

Also here is a threat with some more solutions you can try out. Keep in mind once your do get this to work web station and or photo station might not work. https://forum.synology.com/enu/viewtopic.php?t=50796#p238791

– repairmant – 2017-06-13T17:52:26.903

Rebootet NAS and router and trying to access from another browser app, still redirects me to 5000/5001 from http. Thanks for the link, but I don't want to mess to much with this in case I break something. I'll resort to just entering https directly instead. – Andreas Zita – 2017-06-13T18:09:35.350

Last think I can think of at the moment might help is change External Access http port to some random port and setup Web Station with http to port 80 and https to some random port. Then setup a .htaccess file in the web shared folder to redirect http or port 80 to 443. The random ports you should not port farward. – repairmant – 2017-06-13T18:16:11.413

I was also trying to configure remote access to my Synology via HTTPS on default port 443 I managed to achieve it with these steps:

Configure external ports in DSM Menu > Control Panel > External Access > Advanced tab (set DSM (HTTPS) port 443)
Configure port forwarding on router where external port 443 is redirected to Synology NAS port 5001 (the HTTPS port that is configured in Control Panel > Network > DSM Settings, 5001 is the default one)

vladimirm

Posted 2017-06-13T16:33:46.873

Reputation: 111