Il est possible de 'protéger' votre Synology derrière un reverse-proxy , ici c est un nginix
Voici la configuration du reverse-proxy
server {
listen <ip_v4_de_votre_ngix>:80;
listen [<ip_v6_de_votre_ngix>]:80;
server_name <fqdn_de_votre_synology>;
access_log /var/log/nginx/syno.log;
return 301 https://$host$request_uri;
}
server {
listen <ip_v4_de_votre_ngix>:443 ssl http2;
listen <ip_v4_de_votre_ngix>:5001 ssl http2;
listen [<ip_v6_de_votre_ngix>]:443 ssl http2;
listen [<ip_v6_de_votre_ngix>]:5001 ssl http2;
include includes/ssl.cfg;
ssl_certificate <chemin_de_votre_certificat>;
ssl_certificate_key <chemin_de_votre_clé_privé>;
server_<fqdn_de_votre_synology>;
access_log /var/log/nginx/<nom_de_votre_fichier_de_log>;
client_max_body_size 2048m;
location / {
resolver <votre_dns_interne> valid=30s;
proxy_pass https://<nom_interne_de votre_nas_DSM>:5001;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering on;
proxy_max_temp_file_size 0m;
proxy_set_header Connection "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 60s;
}
}
resolver : est optionnel