Secure ADMIN Share From Internet Brute Force Attacks
2010-06-05
08:27 AM
I searched the forum for this but didn't find any info that was similar, so I'm posting here as it may help others.
If you have a ReadyNAS Duo and you're happy with your setup and are now sharing your shares out through your router over the internet, you need to be aware that any old hacker can try and access your ADMIN share (e.g. https://<your-readynas>/admin).
I use mine in exactly that way but don't want Mr A.Hacker trying out a myriad of passwords on my ADMIN share just because my public shares have "Netgear ReadyNAS" plastered all over the front page (a tip for another day I feel).
Instead, if you're comfortable using SSH, (there is a way to do this by using the FrontView config backup, edit the file and put back in place) then you can edit your Apache httpd.conf configuration file so that access to the ADMIN share is restricted to a host or hosts on your local home network only.
Steps:
1, Log into your readynas via SSH as root.
2, Backup your old config file:
cp -p /etc/frontview/apache/httpd.conf /etc/frontview/apache/httpd.conf.bak
3, Use 'vi' to edit the httpd.conf:
vi /etc/frontview/apache/httpd.conf
4, Change the sections as follows:
<Location /admin>
DirectoryIndex index.html
Options ExecCGI
AuthType Basic
AuthName "Control Panel"
require user admin
# block external admin.
Order Deny,Allow
Deny from all
# <<< INSERT YOUR LOCAL NETWORK IP ADDRESS SUBNET HERE (replace 192.168 below)
Allow from 192.168
</Location>
and
<Location /get_handler>
SetHandler perl-script
PerlHandler get_handler
PerlSendHeader On
Options ExecCGI
# Order allow,deny
# Allow from all
AuthType Basic
AuthName "Control Panel"
require user admin
# block external admin.
Order Deny,Allow
Deny from all
# <<< INSERT YOUR LOCAL NETWORK IP ADDRESS SUBNET HERE (replace 192.168 below)
Allow from 192.168
</Location>
5, Save the changes with:
<shift + 'ZZ'>
6, Restart your readynas:
shutdown -r now
7, Test from your local network that you can access the ADMIN share:
https://<readynas IP>/admin
8, Test from the internet that you can't access the ADMIN share:
https://<ISP IP>/admin
You should see an HTTP 403 FORBIDDEN error.
That's it.
If you made an error, you can restore your config from the backup file you took:
cp -p /etc/frontview/apache/httpd.conf.bak /etc/frontview/apache/httpd.conf
and then restart your readynas.
Don't forget to check the config after you make any changes to shares / firmware etc.
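The `Order Deny,Allow` / `Deny from all` / `Allow from 192.168` stanza above relies on Apache 2.2 host matching, where a partial address such as `192.168` matches on octet boundaries (192.168.0.0/16) and an `Allow` match overrides the `Deny`. The following is an added example, not code from the post or from Netgear, that models that evaluation for the IP-based argument forms (`all`, full address, 1-3 leading octets, CIDR and dotted netmask; hostname arguments are left out as an assumption of this example) so you can check which client addresses the `/admin` block would let through before reconnecting to the NAS:

```python
import ipaddress

def rule_matches(rule, client_ip):
    """True if an Apache 2.2 'Allow/Deny from' argument covers client_ip.

    Handles the IP-based forms only (assumption of this example):
    'all', a full address, a partial address of 1-3 octets ('192.168'),
    CIDR ('192.168.1.0/24') and dotted netmask ('192.168.1.0/255.255.255.0').
    """
    rule = rule.strip()
    if rule.lower() == "all":
        return True
    client = ipaddress.IPv4Address(client_ip)
    if "/" in rule:
        # CIDR or netmask form; strict=False tolerates host bits in the rule
        return client in ipaddress.IPv4Network(rule, strict=False)
    octets = rule.split(".")
    if 1 <= len(octets) <= 3 and all(o.isdigit() and int(o) <= 255 for o in octets):
        # Partial address: compare leading octets on octet boundaries, so
        # '192.168' covers 192.168.x.x but does NOT cover 192.16.x.x
        return client_ip.split(".")[: len(octets)] == octets
    return client == ipaddress.IPv4Address(rule)

def order_deny_allow(deny, allow, client_ip):
    """Evaluate 'Order Deny,Allow': Deny rules are checked first, then Allow
    rules; an Allow match overrides a Deny match, and a client matched by
    neither list is permitted (the default for this Order)."""
    denied = any(rule_matches(r, client_ip) for r in deny)
    allowed = any(rule_matches(r, client_ip) for r in allow)
    return allowed or not denied

# The host rules from the post's <Location /admin> block (192.168 is the
# placeholder subnet; substitute your own LAN prefix when checking yours).
ADMIN_DENY = ["all"]
ADMIN_ALLOW = ["192.168"]

def admin_share_status(client_ip):
    """HTTP status the /admin host rules yield for a client address: 200 when
    the address is allowed through (Basic auth still applies), 403 otherwise.
    A request forwarded in from the internet carries the remote public
    address, which is why step 8 above ends in a 403."""
    return 200 if order_deny_allow(ADMIN_DENY, ADMIN_ALLOW, client_ip) else 403
```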
2014-03-10
07:13 AM
Re: Secure ADMIN Share From Internet Brute Force Attacks
Update: For ReadyNas Radiator 4.1.13, I also secured the following share:
<Location /dir_list>
AuthType Basic
AuthName "Control Panel"
require user admin
Options ExecCGI
#Allow from all
Order Deny,Allow
Deny from all
# <<<-- Insert your subnet here (replace 192.168 below).
Allow from 192.168
</Location>
2014-03-27
11:58 AM
Re: Secure ADMIN Share From Internet Brute Force Attacks
What do I have to do to secure an RN102 with OS 6.1.6? There's no httpd.conf file (at least not in the specified path).