Before you order a domain name, determine if you have on a static or dynamic IP address. Most business IP addresses are static while residential IP addresses, especially in the U.S., are usually dynamic. A static IP address does not require DDNS because the address is always the same and is registered with the domain name. Dynamic IP addresses are not registered with a domain name and require a DDNS provider. DDNS providers update the DNS servers when an IP address changes. A dynamic IP address may change if you reboot the modem or experience a power interruption. You can get information about your connection type from your ISP (Internet Service Provider). The DDNS function on a Synology comunicates with your DDNS provider and updates your IP address, if it changes.
Additionally check with your ISP to see if ports 80 and 443 are blocked. Some ISPs block these ports for non-business accounts claiming it is a security risk but is is more likely they are concerned about increased bandwidth. If these ports are blocked you may be able to use alternate ports such as 8080 (HTTP) or 8443 (HTTPS) or Synology's quick connect feature.
Consider installing a SSL (Secure Socket Layer) Certificate. Some clients may not be able to access your website if you do not have a SSL certificate installed especially if use logins or forms requesting information. Link to installing an SSL certificate
If you want to use a Joomla or WordPress content management system (CMS) the installation can be done automatically. The downside is upgrades for the Synology versions are sometimes delayed which can cause security risks as well as problems with some plugins and templates. The most secure option is to install Joomla or WordPress manually but it requires a bit more work. If you decide to use the Synology CMS versions, simply install then and go to Create Web Portal to set up a portal for your website.
If you do not want to use the Synology version, download and install the software from the source but this will require manually installing and setting up the additional software required. Joomla download | WordPress download. If you want want to run a genealogy website TNG (The Next Generation of Genealogy Sitebuilding) has great software very reasonably priced with both author and community support.
Installation Menu:
1. Web Station
2. Script Language Settings
3. Create Web Services
4. Install MariaDB (Optional)
5. Create Web Portal
6. Set Up A DDNS Provider (Optional)
7. Connecting to the Internet
8. Firewall and Security Settings
2. Script Language Settings
3. Create Web Services
4. Install MariaDB (Optional)
5. Create Web Portal
6. Set Up A DDNS Provider (Optional)
7. Connecting to the Internet
8. Firewall and Security Settings
Synology Package Center Software Required for Most Websites:
- Web Station - Installs web station software and creates a web folder in the default volume.
Controls the Web Portal, Web Service, Script Languages and Error Page Settings. - PHP - Script languages used to create dynamic web pages. Multiple versions are often installed to accommodate various software packages. Python and Node.js are also available.
- Apache HTTP Server 2.4 - An optional back-end server package using .htaccess files to redirect, grant, deny or limit access to the website. If Apache server is installed first, it will automatically install web station. If Apache is not installed the NAS will use the default NGINX back-end server. Keep in mind the NGINX server is more difficult to manage requiring the use of terminal access and third party software to the create or edit configuration files.
- MariaDB - Installs a MySQL compatible database.
- phpMyAdmin - Utiliy software to access and setup MariaDB databases.
Allows admin access to create users, databases and create and/or modify tables and data.
***** Web Station *****
Go to package center and install Apache or Web Station. If Apache is installed first, it will automatically install Web Station. After Web Station installs, return to the Package Center and download the required version(s) of PHP for your software. If you are unsure, download all PHP versions. Specific PHP configurations can be created for each website in Web Station after the PHP versions are installed. The default back-end server is NGINX but an optional Apache HTTP Server is available in the package center. Apache is the suggested back-end server for most users.
Once Web Station installs, a new link will appear in the Synology menu. To access the Synology menu, click the icon with four small boxes at the upper left of the display. If you want a shortcut to Web Station on the desktop, right click the Web Station icon and select "Add to Desktop".
Load Web Station by clicking the icon and the page below appears.
Overview - Displays the default server and web portal status as well as back-end packages and service packages installed on the NAS.
Web Portal - Displays and creates the host connections to the internet using services created in the web service. When the NAS receives a name based request request on port 80, 443 and another assigned port, the traffic is routed to the appropriate folder by the document root listed in the Web Service. Websites you create are listed in the Customized Portal section. The Default Portal section defines access to the web folder.
Web Service - Displays and links custom script languages to a service in the Web Portal. Creates or links a child folder in the Web folder to a host in the Web Portal.
Script Language Settings - Contains the default PHP, Python or other language file that will be used for the website. Creates custom scripts using the default files. The custom script can be edited to use a number of different modules and change php.ini settings.
Error Page Settings - Allows creation of custom error pages. Please refer to Synology for more information on using this option.
***** Script Language Settings *****
If you install the Synology version of Joomla or WordPress, Synology creates a PHP profile and sets up extensions automatically. If you are planning to use other software or manually install the WordPress.org version then you will need to create a new profle and enable the PHP extensions manually.
Open Web Station and select Script Language Settings. This displays the script languages installed. To begin select create.
Enter the Profile Name and a unique description. Then select the PHP version to use for this profile.
Select next
On the extensions page enable the PHP extensions you want to use for the website. There are many extensions but some are not required for most websites. If you are using MariaDB you will need to enable mysqli and pdo_mysql. Other commonly used extensions are curl, extf, gd, iconv, imagik, openssl, zip and zlib. To enable an extension select the checkbox.
Select next when selections are complete.
The default FPM (FastCGI Process Manager) dynamic mode settings are typically use on lower traffic volume websites.
Server settings are mandatory when using the dynamic mode.
The FPM static mode is also available for high volume websites. Ensure you have adequate memory available when using this setting. Server settings do not apply when using the static mode.
Select next.
Use the default PHP core settings except the error log. When you create an error log entry you must supply the absolute path. You should also use a unique file name, as shown below. If you have multiple sites, using dedicated error logs makes it easier to find and trouble-shoot errors.
Displays the settings to apply. Scroll the screen and if any settings are incorrect use the back button to correct, otherwise select create.
The Script Language Settings page opens and the new profile name and custom description appears.
***** Create Web Services *****
Open Web Station, select Web Service and then select create:
STATIC WEBSITE
The first option is a static website. Static websites do not use script languages and are written in XML, HTML or XHTML and use CSS for formatting. Scripts written in Node.js or Javascript can be used as well. You cannot use PHP or Python on a static web page. If the website displays static or fixed content select Static Website then select NEXT.
Enter the name of the service in lower case using characters and or numbers, and a description which can be in mixed case. The name will be assigned to the domain name in the web portal settings. The description text provides reference information about the service. Select the back-end server, NGINX or Apache. The back-end server cannot be changed once the service is created.
It is preferred to install each website in it's own folder. So if you ever decide to add another website you will not need to make numerous changes to get the first website working again due to changing the root path.
Click the Browse button to create a folder.
Select the web folder and select Create.
Enter the name of the folder name in lower case. Use characters and numbers but DO NOT use spaces or any special characters.
Then select OK.
Review each item on the screen and check for typos. If everything is correct select Create.
If you get a message to update permissions, select OK.
The Web Service page will display the type of service added and the status, which should be Normal.
DYNAMIC WEBSITE
The second Web Services option creates dynamic web pages using a script language such as PHP, Python or Node.js (Compatible with Javascript). Select Native Script Language Website.
Select the required script language and version from the pull down window. Then select a profile.If you don't know which profile to use, it can be changed later using the edit option.
Then select a profile.If you did not create a new profile, you can create one later and change it using the edit option.
Enter a lower case name for the service using characters or in combination with numbers. Enter a description.
Select the back-end server, Apache 2.4 or NGINX. The back-end server cannot be changed once the service is created. To use a different back-end server you must create another service. Do not edit the timeouts unless you are familiar setting timeouts.
Select Browse to create a folder for the website. It is preferred to install each website in it's own folder. So if you decide to add another website you will not need to make numerous changes to get the first website working again.
Select the web folder and then click create.
Enter the name of the folder name in lower case. Use characters and numbers but DO NOT use spaces or any special characters.
Select OK when finished.
Review each item on the screen and check for typos. If everything is correct select Create.
The Web Service page will display the type of service added and the status, which should be Normal
***** Install MariaDB *****
MariaDB is a MySQL compatible database. If you serve static content, this database IS NOT required. If you install a content management system, like Joomla or WordPress, Genealogy, WIKI Media for any system storing data install MariaDB.
Download MariaDB from the package center. After the files download and install, a popup box appears where you must enter and confirm a password to access the database. This password is used by phpMyAdmin for accessing the database. it IS NOT the user password application software uses to access the database created in MariaDB.
After you enter a valid password the highlighted box disappears. Note the 3306 port number, This can be changed but some applications may use this port by default as it is typically dedicated to MariaDB and MySQL databases.
The next popup window shows the MariaDB installation information. Click Done to install.
The last popup displays a firewall notice about the communication protocol and port which will be opened to access MariaDB.
Now that MariaDB is installed, you must install phpMyAdmin in order to create individual databases and users.
Return to the package center and select install phpMyAdmin. If the correct version of PHP is not yet installed a popup window will appear showing the version that will be installed to access MariaDB.
No additional actions are required for the phpMyAdmin installation. to log into phpMyAdmin the user name is root and the password is the one used when you created MariaDB.
***** Create Web Portal *****
In order to create a website portal, register a domain name so users can find and access your website. Online searches will list many vendors offering domain names, SSL certificates and hosting. You do not need a host since you have a Synology server but you do need a domain name. I prefer NO-IP.com because they offer excellent services, including DDNS, and support but there are other companies like NameCheap.com, Hover.com, Gandi.net, Name.com, Go Daddy, Network Solutions, Register.com and many more that can register your domain name and offer additional services. If you have a dynamic IP address, make sure the provider offers DDNS service. Additional useful services are DNS Host (A), DNS Host (Round Robin), DNS Alias (CNAME), Port 80 redirect, Web Redirect and WildCards. These features are useful for many things including APIs like Google Maps. Some offer mail services for your domain name as well.
Before you order a domain name, determine if you have on a static or dynamic IP address. Most business IP addresses are static while residential IP addresses are usually dynamic. A static IP address does not require DDNS because the address is always the same and is registered with the domain name. Dynamic IP addresses are not registered with a domain name and require a DDNS provider. Dynamic addresses use DDNS or Dynamic Domain Name System. DDNS providers update the DNS servers when an IP address changes. A Dynamic IP address will usually change if you reboot the modem or experience a power interruption. You can get information about your connection type from your ISP (Internet Service Provider).
Open web station and select Web Portal then click create.
Then select Web Service Portal.
Select the Service to use for this website from the pulldown menu.
Select the Portal Type to use for this website from the pulldown menu.
If Name Based is selected, enter the domain name for the website.
If Port Based is selected, enter the port number for the website.
DO NOT select Port Based or Alias portal unless you know how to use it.
If you selected name based, enter the domain name and select Create.
Creating a Subdomain
To create a subdomain, create another web portal on the NAS using the subdomain name format. For example: you want to create a subdomain for mywebsite.com that displays pictures. You would create the web portal as described above except the host name would be pictures.mywebsite.com.
That is all you need to do for the NAS. The example screenshots below are for test.skdavis.net
However, no one can find your subdomain at this point because the subdomain name has not been added to DNS servers.
Log in to your domain registration provider. Select the parent domain, in this case mywebsite.com, and select the wildcard option. If this option does not exist, contact your provider to confirm they support subdomains. If they support subdomains, they may have specific instructions for creating the new domain.
For the subdomain Hostname Type select DNS Alias, also known as CNAME. This option will cause the subdomain to resolve to the parent IP address. If you use DDNS, you will not need a new key because the parent domain's DDNS key will be used.
There may be options to set either a hostname and/or target. Target is typically the name used access the subdomain.
If you have any questions contact your provider. Once you have the information entered, and saved, it may take up to 72 hours for the new subdomain to be propogated to the DNS servers so be patient.
***** Set Up A DDNS Provider *****
If you have a static IP address you do not need to use a DDNS provider. If you have a dynamic IP address and do not set up a DDNS provider no one can find your website if the IP address changes. Once you have a domain name enter the information in your Synology to setup the DDNS service.
So log in to DSM and open the control panel.
Select External Access from the connectivity group. The DDNS tab is where you enter information about your DDNS.
Select the Add button and the DDNS configuration windows appears.
From the pull down menu select your DDNS provider. If the provider is not listed select Customize.
If you selected a DDNS provider that is not on the list you can use the customize feature to add your provider.
In the service provider window type in the name for your provider. This is the name that will appear in the pulldown list of DDNS providers.
In the Query URL window enter the query string for your DDNS provider. If you do not know the query string contact your provider. Your DDNS Provider will supply the correct query string.
Select Save to add your DDNS provider to the list.
When finished select the OK button to save your settings.
***** Connecting to the Internet *****
Connecting to the internet consists of configuring your router to forward specific ports to the NAS. The router should have a DMZ (Demilitarized Zone) where you can enter the LAN address for the NAS. This adds a layer of security to protect the local LAN from untrusted traffic. Log in to the router admin panel to enter the NAS IP address in the DMZ settings.
If the router is compatible with a Synology NAS, port forwarding can be done automatically. Open the control panel and select External Access. This will test your router to see if it accepts forwarding commands from the NAS. If your router is not compatible with the NAS method of creating rules, consult your router instructions and manually enable port forwarding for port 80 (HTTP) and port 443 (HTTPS) to your Synology. If you want to access DSM over the internet you will need to forward the ports you specified for DSM. The default ports are 5000 for HTTP and 5001 for HTTPS.
If the NAS is compatible with the router, ports can be set automatically. Log in to DSM and open the control panel and Select External Access.
Select Router Configuration, then Select Apply
This will show the ports to forward to the router. The two top connections are for DSM management and should always be checked. The next two connections are ports 80 and 443 which will be used by web station. Ensure the boxes are checked so web station has access to the internet.
A warning about overwriting the existing router ports will appear. Select OK.
If the command was succcessful the will display OK. Otherwise it wil indicate it failed. If it fails, you will need to set the router ports manually.
***** Check the Firewall and Security Settings *****
To check the fire wall, open the control panel and select Security.
Select FIreWall from the tab at the top of the page. The firewall must be enabled to protect your NAS. Enabling notifications allows the NAS to tell you when something is not enabled that would prevent the package from working correctly. These are normally enabled by default. If they were not enabled, you can either go through the prior steps or enable the rules manually.
Select Edit Rules from the center right portion of the page to view or create rules for your website.
Existing rules are shown here. The first two rules were created by DSM to allow access to the management system and to web station. The third rule was created manually to deny using Windows file server commands across the LAN.
The firewall rules page has a few options. You can create rules to access or deny ports, applications, source IPs or regions. The radio buttons at the bottom of the page determine what happens if no rules are matched. If you set up deny rules for security, make sure you are not denying yourself access to your own system.
Choose the Select radio button for built-in applications and then click the Select button.
You can scroll to choose which applications you want to enable though the firewall. Make sure ports 80 and 443 (Web Station, Photo Station) are enabled which allows internet access. The DSM ports must be checked to allow the Synology assistant and remote connections to connect to DSM (Disk Station Manager).
When finished select OK and the parent screen appears. Notice the source IP on the last line, Enable local access on all ports so you do not lock yourself out of your own Synology device. The common LAN (Local Area Network) address range is 192.168.1.1 - 192.168.2.255. If you are using DHCP (Dynamic Host Configuration Protocol) and specify a specific IP address instead of a range, the router can assign a different IP address to your PC when you restart or reboot, locking you out of your device. Once you become more familiar with your device and port access, you can change these settings later if needed.
The last item to run is the Security Advisor. This will check the settings and display a warning if there are any vulnerabilities or misconfigurations.
If the Security Advisor detects vulnerabilities or incorrect settings, they will be displayed here.
At this point you should be able to access your site from the internet. IF you connect directly to the web folder the following page appears which is seen by every Synology user if they install Web Station without a portal. This occurs because the web folder is the root for internet connections.
This page appears if it is the only web page in the web folder and you did not setup a portal. If you set up a portal but is has no content you will get a blank page and more likely an error.
This message will remain until you replace the page or point to another folder containing a program or html page. You can install a program in the web folder and if you're only going to run that one program you're done. If you want to run more than one website or install Synology WordPress, install the programs in separate folders inside the web folder. Since the programs do not reside in the root folder, traffic must be directed to the correct folder so WordPress, TNG, phpBB or whatever program you want to run will load you can use a web portal. Keep in mind if your IP address points to the web folder, anything you place in that folder can be accessed from the internet, unless you specifically deny access. The best way to direct browsers to program folders is use a web portal. Thsi also allows you to run multiple websites using one IP address. Additionally web portals prevent access to other folders located in the web folder.
Synology has a great feature called QuickConnect. You can access the Synology over the internet using quick connect, if you registered the device and have an account setup with Synology.
If you use the Apache backend, each program folder should contain an .htaccess file. To create the file use a plain text editor such as Komodo IDE or NotePad++. DO NOT use a word processing program.
If your web portal folder is empty, and you have some experience with html, you can download en example My Front Page file and create your own landing page. It contains an index.html and a css file. Extract the ZIP file contents to the web portal folder you created. You will need to change/add the text you want displayed as well as links to folders containing your programs or pages. To add a link in the index file, change:
Code: Select all
<a href="#">Code: Select all
<a href="/folder_name/">Code: Select all
<a href="http://example.com/">Created 4/14/20
