How to add HTTP Authorization to Synology's web interface

October 2014.


This article is relevant to a DS412+ appliance.

You're using a small Synology server. You use the web interface for whatever purpose. (the one at You'd like to access this interface remotely, but you are afraid to open the port on your firewall since you don't trust the associated CGI scripts.


Add HTTP auth to httpd, so that any request must go through a password.

Create file /usr/syno/etc/httpd/passwd (here or in whatever location you fancy) and create your credential database.


Create file /etc/httpd/conf/extra/httpd-something.conf and configure httpd to serve on port 5002 the same content as port 5001, but with basic HTTP authentication.

Listen 5002

LoadModule auth_basic_module modules/
LoadModule authz_user_module modules/
LoadModule authn_file_module modules/

ServerName *
ServerAlias *

SSLEngine on

AuthType Basic
AuthName "Secure Content"
AuthBasicProvider file
AuthUserFile /usr/syno/etc/httpd/passwd
Require valid-user

Edit /etc/httpd/conf/httpd.conf-sys and include the preceding file at the end.

Include conf/extra/httpd-something.conf

Restart httpd.

/usr/syno/etc/rc.d/ restart

Forward port 5002 in your firewall.


Enjoy your (a tiny bit more) secured NAS from anywhere in the world.