Hello all, a semi-newbie here.
In many posts, I see people recommending not to do port forwarding to NAS as it exposes them to the internet and it is dangerous.
While I do not use the default ports when I do port forwarding, the experts in this groups seem to be super against exposing the NAS to the internet in any shape or form.
So, my questions are:
- What would be the recommended way to access my NAS remotely? I don’t see the point of limiting a home server just to be accessed from within the same network. Is VPN connection the most secure way? If so, isn’t VPN a yet-another-door that opens your device to the internet, so what is the difference? Please tell me like you explain it to a 5 year old.
- What would be the recommended ways to secure my Synology and QNAP (yes I have both)? Should I simply block their access to the internet via router’s settings? If I do this, how will the devices update themselves? Or do you normally allow access to the internet for updates and then remove access again? Can you recommend any step-by-step articles that I can follow in order to ensure my NAS is secure?
- If I want to share files from my NAS with other people, am I expected to ask them have VPN in this case?
- Does it mean that one should not use the web server features of a NAS since exposing your NAS to internet is a bad thing?
Maybe I am misreading what the experts in this subreddit mean when they say ‘do not port forward’ or 'you must block access to your NAS.
I appreciate your help. I am happy to read any articles you can link to.
Thank you in advance.