All Synology NAS have an internal firewall that is responsible for blocking IP addresses that have too many failed login attempts, for example. The NAS does this consistently. But of course it is even more practical if the attacker does not even get to the login screen to try to log in because the IP address is already blocked.
Many firewalls have exactly this function by default. With the Synology NAS we have to make do with a script.
Synology: Automatically import IP blocklist via script
With the help of the script, the blocklists can be retrieved from Blockliste.de and automatically imported into the blocklist of the Synology DSM. To do this, the aforementioned script must be downloaded and copied to a folder on the NAS. The script comes from the Synology-forum.de
I have created a “Scripts” folder in the home share of my admin account for this purpose.
Security tip:
The administrator account should only be used for administrative purposes, for everyday access to the Synology apps or network shares another account with limited rights should be used.
Once the script has been copied to an appropriate folder, we can create the task that the script will execute automatically on a regular basis.
To do this, we navigate in DSM to: Control Panel -> Task Scheduler -> Create -> Scheduled Task -> Custom Script
The script should be executed every 10 minutes. This is necessary to always block the latest IP addresses.
The following script must now be entered in the corresponding field:
chmod + x "/volume1/homes/cybertalk.admin/Scripte/update_blocklist.sh"
"/volume1/homes/cybertalk.admin/Scripte/update_blocklist.sh"The first line makes the script executable and the second calls it. The path must of course be adapted accordingly.
The first execution of the script may take a little longer, after that it should be much faster.
The number of IP addresses that are now blocked shows that the script has worked. Now you have an additional security layer to protect the NAS from unauthorized access. However, this should only be one of several layers, consisting of a Next Gen Firewall and of course the configured software firewall of the Synology NAS.