NAS Storage Blog

NAS storage news, reviews, tips and tricks

Use IP blocking (Auto Block) in Synology DSM if some ports are open

With IP blocking it is possible to deny connection to certain IP addresses that tries to connect to different services on your Synology NAS. If it is possible to access your Synology via SSH, telnet, WebDAV, FTP, rsync and others from the Internet due to a port forwarding, IP blocking is a nice security feature. It prevents the bad guys from keep trying to connect to your NAS services and gain access if they provide the correct username and password. This must not happend.
If a someone tries to login to DiskStation via SSH and the number of failed login attempts is too many according to the number of login attempts that you define, the IP will be added to an IP black list. Your NAS now knows that this IP is blacklisted and it should not be allowed to try to connect to the service.

Enable IP blocking in Synology DSM 4

By default IP blocking is not enabled in DSM so you will have to enable ít.

  1. Login to your NAS.
  2. Open Control Panel and go to Auto Block.
  3. Check Enable auto block.
  4. Set Login attempts to 5 and Within (number of minutes these 5 login attempts must be within) to 5.
  5. Click Apply.

That is one step closer to a more secure NAS.


Leave a Reply