Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

WOL and security

Featured Replies

Okay, I'm about to give up.

 

Since wake on lan from the internet won't work through a Netgear router, I've been looking for a way to have unRAID wake my PCs from the LAN, since it's on 24/7, using an http request.

After A LOT of searching, I finally managed to do this using user scripts in unMENU, so I thought that was it. Trouble is, allowing access to unMENU from the internet is... dumb, to say the least - there's no security.

 

So two questions: can anyone recommend a different way of achieving the WOL functionality I need?

 

And while we're on the subject of security: is unRAIDs user/pass requirement safe enough to allow external access to the main page? There's a few things I'd like external access to, so this goes both for unRAID, but also in general - what are the security concerns? Is it safe if you're required to login or can anyone who knows what they're doing bypass it without much hassle?

Okay, I'm about to give up.

 

Since wake on lan from the internet won't work through a Netgear router, I've been looking for a way to have unRAID wake my PCs from the LAN, since it's on 24/7, using an http request.

After A LOT of searching, I finally managed to do this using user scripts in unMENU, so I thought that was it. Trouble is, allowing access to unMENU from the internet is... dumb, to say the least - there's no security.

Correct.  access from the internet is an invite from every script kiddie in the world.  It is a really DUMB idea.

So two questions: can anyone recommend a different way of achieving the WOL functionality I need?

I cannot. No experience to draw upon. VPN is ONLY secure answer.  Get a different router that does supply VPN services from the internet.

And while we're on the subject of security: is unRAIDs user/pass requirement safe enough to allow external access to the main page? There's a few things I'd like external access to, so this goes both for unRAID, but also in general - what are the security concerns? Is it safe if you're required to login or can anyone who knows what they're doing bypass it without much hassle?

As delivered, for almost all unRAID versions, unRAID is wide open.  Even if you add a root password.  It is not secure for other commonly used IDs.  The recent 4.7 release even includes a paragraph in the release notes on how to delete your password files to start with fewer open IDs.  (They are open in most prior releases)

 

Quote from 4.7 release notes:

Bug fix: disable login on certain non-user accounts.

A bug was fixed where certain non-users were able to login via telnet. But to get this fix to apply (if you want), you must follow this procedure:

1. After booting this release, go to your flash share and delete the files 'config/passwd' and 'config/smbpassd'

2. Reboot the server

Note: you will need to re-enter any users you had created.

 

You will be hacked if you open your server up to the outside world, and it will not take long either.   

Don't believe me... look at this thread, and this one, or this one.

 

Joe L.

I agree with everything JoeL said above.

 

I access all my unRAID related stuff through a VPN connection to my router.  I have a Cisco WRT320N (if I remember correctly) and it is running DDWRT so I can have VPN.  It is really your only safe approach for access to your unRAID server.

  • Author

Thanks for the quick replies!

 

Okay, I'll dismiss the thought of allowing external access to the server (main interface). But does this go for all services/packages? Say unRAID-Web - what would be the point of this if external access was a bad idea (most likely a very stupid question!)? WOL can apparently work using PHP, so that may be an option...

 

Deleting the two files in question still wouldn't make it secure, would it?

 

Seeing as VPN is probably the safest approach, which my router doesn't support (and no custom fw is available), I immediately did a search on VPN for unRAID, and apparently some Hamachi "spin-off" exists - would that be secure (forwarding a port to the tower for this service)?

You can use a DDWRT device behind a router/firewall and get OpenVPN working.  I have an old Linksys wireless router that craps out when the wireless functions are enabled, but I flashed it to DDWRT, disabled the wifi stuff, and set up OpenVPN on it.  I just forward the OpenVPN ports from my external address to the DDWRT router and I can VPN in fine.  I even have it working in bridged mode so I get an internal IP address allowing NetBIOS over TCP/IP to work :)  If you have an old router that is DDWRT capable, that may be an option for you and I could help you get it set up.

 

It is also possible to get OpenVPN set up on unRAID but that is NOT a trivial task.

DD-WRT has the ability to send magic packets to machines on the local network through its web interface: Administration->WOL.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.