Synology Inc. Online Community Forum

[eaz]

DS212+
I have set up an elearning (efront) and was successful in port forwarding and bringing the site on line via a dedicated port, and set firewall rules to prevent external access to eg port 5000.
I have created a virtual sever and map (on the firewall) port 80->port 5500.


However, I notice that my photos are still shared online:
if someone navigates to
<mywebsite> this will redirect them to the right elearning website

if someone might be tempted to type
<mywebsite/photo> they will end up seeing my photos.

How to set/prevent access to photo station via external HTTP, and still use photo station from my LAN?
Thanks for helping me in this new area...

[henkg]

I think your Photostation folders are set as 'public'.
Default setting for Photostation is: 'set new folders as public albums'.
This can be modified in Photostation (logged in as admin) under Settings, tab General.

Existing folders: In Photostation (logged in as admin) navigate to Photos. Open the folder. Under 'more' you will see Album info and privacy. Change the access permission into private album.
Now one has to login to see any Photostation folder. Read the users guide about creating Photostation users.

[eaz]

That is a great help, thanks!
Setting at least all folders to public prevents visibility of photos.
Next step would be to prevent photo station to start at all, meaning: someone types the address <mysite/photo> and he/she is prompted with: access denied

[n338550]

Hi !

Is there any better solution for this "problem" ? Cannot find any thread in Synology forum explaining howto

I realized yesterday that when "Photo Station 5" is enabled I can from Internet not only access the created personal photo station folders e.g. /~user1/photo but also a default one like hostname/photo where I am able to logon using DS or photo station accounts depending on what has been chosen in my settings. Since I use DS accounts to have all credentials in one place I would like to

[*] Either restrict logon for user "admin" ( same goes for root ? )
[*] Block hostname/photo with .htaccess or similar but where 2 put it ? ( placed in /volume1/photo is not working. I will this afternoon try to manual create /web/photo to see if that folder takes over the “invisible” default one )

Found a solution in some other thread howto prevent admin and root to be able to logon FTP by putting their account names in some etc/ftp conf file... Is there perhaps some similar file for photo station that I can edit thru SSH ?

Thanks in advance, Regards / Tony

[hapybrian]

Existing folders: In Photostation (logged in as admin) navigate to Photos. Open the folder. Under 'more' you will see Album info and privacy. Change the access permission into private album.

That was exactly what I needed. Thanks!
Kinda freaked me out when I logged out and there were all my pictures, still!