Photo Station not listening on custom HTTPS port

Questions about the Synology Photo Station can be placed here.
Forum rules
1) This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:

https://account.synology.com/support/su ... p?lang=enu



2) To avoid putting users' DiskStation at risk, please don't paste links to any patches provided by our Support team as we will systematically remove them. Our Support team will provide the correct patch for your DiskStation model.
scottkeen
Beginner
Beginner
Posts: 25
Joined: Sat Jul 16, 2016 7:13 pm

Photo Station not listening on custom HTTPS port

Unread post by scottkeen » Sat Jul 23, 2016 6:28 pm

Photo Station is not "listening" on my custom HTTPS port specified in Photo Station / Settings / General / Router Port / HTTPS

It seems to only want to listen on the default HTTPS 443 port.

I've set up port-forwarding in my router (it's actually a SonicWALL UTM) to forward the following ports to my Synology NAS:
TCP 5000 - DSM HTTP
TCP 5001 - DSM HTTPS
TCP 5005 - WebDAV HTTP
TCP 5006 - WebDAV HTTPS
TCP 5080 - Photo Station HTTP
TCP 5443 - Photo Station HTTPS

Image

There's NAT policies and Firewall Rules that I've set in the SonicWALL to allow and forward the ports to the Synology NAS private IP address. The DSM and WebDAV ports work great, I can access my Synology NAS remotely just fine for those services on those ports. But, not Photo Station. I get the error in Chrome, "ERR_CONNECTION_REFUSED". I can access Photo Station in Chrome when I'm locally connected to the network by using the local private IP address.

Here's my Photo Station settings:

Image

My router uses HTTPS port 443 for configuring. I've found that if I change my router port to use a different port, say 8443, then Photo Station can be accessed fine remotely since it wants to listen on port 443.

How can I get Photo Station to use port 5443 as I've specified both in the router and in Photo Station? What am I doing wrong or am I missing something?
Last edited by scottkeen on Tue Jul 26, 2016 4:08 pm, edited 1 time in total.

8105
Beginner
Beginner
Posts: 24
Joined: Tue Dec 23, 2014 6:47 am

Re: Photo Station not listening on custom HTTPS port

Unread post by 8105 » Tue Jul 26, 2016 1:15 pm

I'm also wondering about this. I noticed that "Photo Station" is not listed under "Application Portal" in the control panel, where other apps can be assigned custom ports (and domains).

8105
Beginner
Beginner
Posts: 24
Joined: Tue Dec 23, 2014 6:47 am

Re: Photo Station not listening on custom HTTPS port

Unread post by 8105 » Tue Jul 26, 2016 1:37 pm

Ok, I have decided to remove Photo Station and use something like 500px instead. This is for three main reasons:

1) Photo Station does not integrate with DSM as well as the other apps do; both when it comes to the UI widgets and theme, which look and work quite differently, and how the application itself is configured. I get the feeling this app is developed by a separate team, or even a third party, and it lacks a lot of the polish of the other official apps.

2) The photo browsing web interface insists on loading scripts from Google, both google.com and maps.googleapis.com This means my DSM domain and port are being reported to Google on every visit, telling them about its existence, and allowing them to track any visitors. This is completely unacceptable to me, and it appears to be impossible to disable this "functionality".

3) Unlike the other official apps, it does not seem to be possible to run Photo Station on the same port as the DSM, which unnecessarily complicates router configuration and link sharing.

Shame really, since I quite like the idea of running my own photo sharing site rather than having to upload my personal photos to a third party only to show them to friends and family.

scottkeen
Beginner
Beginner
Posts: 25
Joined: Sat Jul 16, 2016 7:13 pm

Re: Photo Station not listening on custom HTTPS port

Unread post by scottkeen » Tue Jul 26, 2016 3:57 pm

8105 wrote:I'm also wondering about this. I noticed that "Photo Station" is not listed under "Application Portal" in the control panel, where other apps can be assigned custom ports (and domains).
Thanks for referencing "Application Portal" in the Control Panel. I was able to get this to work by using the Reverse Proxy settings in Application Portal

Since Photo Station insists on listening on TCP 443 no matter if you change the settings in Photo Station to use another port like TCP 5443, and since my router is already using TCP 443 for configuring the router, I figured that I need to have port translation within the Synology NAS. I think that's essentially what Reverse Proxy is doing.

For the purpose of this example, I have Photo Station using ports 5080 for HTTP, and 5443 for HTTPS.

1. Setup Photo Station just like my above screenshot with port 5080 for HTTP, and port 5443 for HTTPS
2. Setup your router (I use a SonicWALL UTM) just like my above screenshot to forward ports 5080 and 5443 to the Synology NAS
3. Go to the Synology Control Panel / Application Portal / Reverse Proxy tab and click Create
4. Create a reverse proxy that takes the 5443 port coming into the Synology and translates it out as port 443 to the local IP address of your Synology NAS, since Photo Station insists on listening on port 443 even though you set it to 5443.

Image

5. Log out of your Synology then log back in. It should work now!

This is obviously some kind of bug probably with Photo Station. When you set Photo Station to use custom ports like 5080 for HTTP and 5443 for HTTPS, it does pass that information to the DSM but it continues to listen on ports 80 and 443. Using the Reverse Proxy to do port translation handles this bug just fine.

tvmaster
Trainee
Trainee
Posts: 19
Joined: Sat Apr 18, 2015 4:00 am

Re: Photo Station not listening on custom HTTPS port

Unread post by tvmaster » Tue Oct 04, 2016 10:15 pm

8105 wrote:Ok, I have decided to remove Photo Station and use something like 500px instead. This is for three main reasons:

2) The photo browsing web interface insists on loading scripts from Google, both google.com and maps.googleapis.com This means my DSM domain and port are being reported to Google on every visit, telling them about its existence, and allowing them to track any visitors. This is completely unacceptable to me, and it appears to be impossible to disable this "functionality".

Shame really, since I quite like the idea of running my own photo sharing site rather than having to upload my personal photos to a third party only to show them to friends and family.
How do you know this is happening? Can you explain so I can check this myself, as that sounds pretty silly on Synology's part to allow this to happen. But if true, I also would be cautious to use this app.

Thanks

8105
Beginner
Beginner
Posts: 24
Joined: Tue Dec 23, 2014 6:47 am

Re: Photo Station not listening on custom HTTPS port

Unread post by 8105 » Tue Nov 08, 2016 10:35 pm

tvmaster wrote:
8105 wrote:Ok, I have decided to remove Photo Station and use something like 500px instead. This is for three main reasons:

2) The photo browsing web interface insists on loading scripts from Google, both google.com and maps.googleapis.com This means my DSM domain and port are being reported to Google on every visit, telling them about its existence, and allowing them to track any visitors. This is completely unacceptable to me, and it appears to be impossible to disable this "functionality".

Shame really, since I quite like the idea of running my own photo sharing site rather than having to upload my personal photos to a third party only to show them to friends and family.
How do you know this is happening? Can you explain so I can check this myself, as that sounds pretty silly on Synology's part to allow this to happen. But if true, I also would be cautious to use this app.

Thanks
Press F12 with the Photo Station app open in your browser, select the "Network" tab in the window that comes up and press F5 to reload the app. Inspect the list of requested resources.

Number_9
I'm New!
I'm New!
Posts: 4
Joined: Sun Dec 19, 2010 8:07 am

Re: Photo Station not listening on custom HTTPS port

Unread post by Number_9 » Sun Dec 03, 2017 8:08 am

Just wanted to thank scottkeen for the detailed post. Helped me out a lot -- thanks!

scottkeen
Beginner
Beginner
Posts: 25
Joined: Sat Jul 16, 2016 7:13 pm

Re: Photo Station not listening on custom HTTPS port

Unread post by scottkeen » Tue Dec 05, 2017 8:34 pm

Number_9 wrote:Just wanted to thank scottkeen for the detailed post. Helped me out a lot -- thanks!
You're welcome!

fwiw, I just posted a solution for something else (unrelated to this) that all you sys admins will run across eventually with folder permissions.
https://forum.synology.com/enu/viewtopi ... 97#p509197

User avatar
Compstuff
Student
Student
Posts: 70
Joined: Sun Nov 11, 2012 2:48 pm
Location: Miami, FL

Re: Photo Station not listening on custom HTTPS port

Unread post by Compstuff » Sat Dec 16, 2017 2:25 pm

@scottkeen THANKS VERY MUCH for this solution!!! I was completely lost trying to figure out why Photo Station wasn't working as expected.

User avatar
cread
Knowledgeable
Knowledgeable
Posts: 322
Joined: Sat Jan 08, 2011 5:56 am

Re: Photo Station not listening on custom HTTPS port

Unread post by cread » Wed Jan 24, 2018 2:28 am

I can confirm that my PhotoStation has also stopped listening to the custom port. I could set up the proxy as suggested, but I am going to log a ticket. The links in DSM still use the custom port and once I went to 443 I was able to see it was still set.
- Chip
DS916+, DSM 6.1.7-15284 , 2x HGST NAS 4T HDN724040ALE640, USB backup of DS, CyberPower UPS
Apache 2.4,Audio,Calendar,CardDav,Drive,Docker,Doc Viewer,Download,File,Media,Note,Office,Surveillance,Text,VPN,Web,Audio,Photo,Python,Hyper Backup, WebDav, MariaDB, PHP7, (SMB, SSH, FTP)
RT2600ac-1.1.7-6941-1, VPN+ (Web VPN only),
DS211, DSM 6.0.2-8451 Update 6, 2x HGST NAS 4T HDN724040ALE640, USB backup of DS,
PC= Win7, I7-860 Trubo@3.5G, 8G, and 5T HD's installed

User avatar
cread
Knowledgeable
Knowledgeable
Posts: 322
Joined: Sat Jan 08, 2011 5:56 am

Re: Photo Station not listening on custom HTTPS port

Unread post by cread » Thu Feb 01, 2018 6:06 am

I have heard back from support and the reverse proxy is the way to get access. I do not know exactly when this changed, but I did have access through my port in the last couple of months. I used this port exclusively for all of my links (internal and external access). The issue with the reverse proxy is you cannot restrict it to the photostation. It will get the webstation as well as they both use ports 80 and 443. The only difference is one is at /photo. If you create a /photo directory under //web, I wonder if you loose access to the photo station, or you cannot see a web page with that address?

So if the photo station no longer uses or respects this setting, why have it in the settings?
- Chip
DS916+, DSM 6.1.7-15284 , 2x HGST NAS 4T HDN724040ALE640, USB backup of DS, CyberPower UPS
Apache 2.4,Audio,Calendar,CardDav,Drive,Docker,Doc Viewer,Download,File,Media,Note,Office,Surveillance,Text,VPN,Web,Audio,Photo,Python,Hyper Backup, WebDav, MariaDB, PHP7, (SMB, SSH, FTP)
RT2600ac-1.1.7-6941-1, VPN+ (Web VPN only),
DS211, DSM 6.0.2-8451 Update 6, 2x HGST NAS 4T HDN724040ALE640, USB backup of DS,
PC= Win7, I7-860 Trubo@3.5G, 8G, and 5T HD's installed

User avatar
cread
Knowledgeable
Knowledgeable
Posts: 322
Joined: Sat Jan 08, 2011 5:56 am

Re: Photo Station not listening on custom HTTPS port

Unread post by cread » Thu Feb 01, 2018 6:11 am

8105 wrote:Press F12 with the Photo Station app open in your browser, select the "Network" tab in the window that comes up and press F5 to reload the app. Inspect the list of requested resources.
Thanks for the hint, but I do not see anything from outside of the disk station on mine. There was a security fix that was to fix the possibility of injecting scripts. :?:
- Chip
DS916+, DSM 6.1.7-15284 , 2x HGST NAS 4T HDN724040ALE640, USB backup of DS, CyberPower UPS
Apache 2.4,Audio,Calendar,CardDav,Drive,Docker,Doc Viewer,Download,File,Media,Note,Office,Surveillance,Text,VPN,Web,Audio,Photo,Python,Hyper Backup, WebDav, MariaDB, PHP7, (SMB, SSH, FTP)
RT2600ac-1.1.7-6941-1, VPN+ (Web VPN only),
DS211, DSM 6.0.2-8451 Update 6, 2x HGST NAS 4T HDN724040ALE640, USB backup of DS,
PC= Win7, I7-860 Trubo@3.5G, 8G, and 5T HD's installed

Post Reply

Return to “Photo Station”