How to add HTTP Authorization to Synology's web interface
This article is relevant to a DS412+ appliance.
You're using a small Synology server. You use the web interface for whatever purpose. (the one at http://nas.example.com:5001). You'd like to access this interface remotely, but you are afraid to open the port on your firewall since you don't trust the associated CGI scripts.
Add HTTP auth to httpd, so that any request must go through a password.
/usr/syno/etc/httpd/passwd(here or in whatever location you fancy) and create your credential database.
/etc/httpd/conf/extra/httpd-something.confand configure httpd to serve on port 5002 the same content as port 5001, but with basic HTTP authentication.
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
AuthName "Secure Content"
/etc/httpd/conf/httpd.conf-sysand include the preceding file at the end.
Forward port 5002 in your firewall.
Enjoy your (a tiny bit more) secured NAS from anywhere in the world.