Block webcrawler ect. with firewall

  • Hello everyone,


    I have configured my OMV to shutdown via the autoshutdown plugin after 30 minutes of no activity. Also my router will wake up the nas when accessed via internet.
    The internet access is needed for my nextcloud and uses a dyndns service.
    My problem now is, that every time the nas shuts down, shortly after it gets waked up again. I assume this is because of search engine crawlers or something alike. Is there a ip list of webcrawlers that i can block with the router firewall? Or can I prevent my nas from getting waked up unintentionally any other way?


    Kind Regards,
    Xologrimm

  • I am using a fritzbox 7490. There is the option to wake the computer automatically if accessed via internet. Unfortunately no other options are available for this function as far as I know.
    Access from the internet to the nas is only possible on port 80 and 443 via port forwarding.

  • Probably the only thing you could try would be to accept traffic to those ports only from a list of known IP addresses that you wish to allow waking up the NAS and reject all others.


    WOL packets sent via a VPN would be a better solution. I have that setup here and have tested to be sure it works, but I do not actually use it.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • Maybe it is possible to obfuscate my ports (e.g. use port number 123 for http) to reduce the incoming requests? I just tried to change just the ports on my router but now i cant reach my nextcloud. Do i have to change something in the nginx config to test this?

  • Custom ports for http and https had exactly the desired effect :) now my NAS only wakes up if I want it to. I just had to adjust one line in the nginx config:
    If I set the value
    "proxy_set_header Host $host:$server_port;"
    in the file proxy.conf file of nginx to
    "proxy_set_header Host $host:145;"
    the nextcloud acts as expected. I guess this method is a little bit messy, but so far it works.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!