Account

Protect your account from external attacks.

Auto Block

The auto block feature helps improve the security of your DiskStation by blocking the IP addresses of clients with too many failed login attempts. This helps reduce the risk of accounts being broken into using brute-force attacks.

You can also create and manage an allow list to add IP addresses that you trust, or a block list to always prevent certain IP addresses from logging in.

Note:

To enable auto block:

  1. Open Control Panel and go to Security > Auto Block.
  2. Tick Enable auto block.
  3. Enter a number of failed login attempts in the Login attempts field and a number of minutes in the Within (minutes) field. An IP address shall be blocked when it exceeds the number of failed login attempts within the specified number of minutes.
  4. Tick Enable block expiration and enter a number to remove a blocked IP address after the specified number of days.
  5. Click Apply to save settings.

Managing Block List

Click Allow/Block List, and go to the Block List tab.

To add IP addresses:

Choose either of the following from the Create drop-down menu:

Note:

To import a file, the file must meet the following criteria:

To remove blocked IP addresses:

Select the IP addresses you want to remove from the list and click Remove.

Managing Allow List

Click Allow/Block List, and go to the Allow List tab.

To add IP addresses:

Choose either of the following from the Create drop-down menu:

Note:

To import a file, the file must meet the following criteria:

To remove IP addresses:

Select the IP addresses you want to remove from the list and click Remove.

Note:

Account Protection

Account Protection helps improve the security of your DiskStation by protecting the accounts from untrusted clients with too many failed login attempts. This helps reduce the risk of accounts being broken by brute-force attacks.

Note:

To enable account protection:

  1. Go to Control Panel > Security > Account Protection.
  2. Tick Enable Account Protection.
  3. Specify a number in the field Login attempts and Within (minutes). An untrusted client will be blocked if it fails to log in too many times within the predefined period of time.
  4. Specify a number in the field Unblock (minutes later). The account protection will be canceled after the predefined period of time.
  5. Click Apply to save settings.

To cancel protection of selected accounts

  1. Click Manage Protected Accounts.
  2. Select the accounts to be canceled, and click Cancel Protection.

To unblock trusted clients

  1. Click Manage Trusted Devices.
  2. Select the clients to be unblocked, and click Unblock.