We tried to explore Qfile pro, to access our NAS, but QNAP doesn’t provide a safer environment to connect to our NAS from public netwrk, giving access to d NAS is like exposing ur complete BOX and making management challenging. Qfile pro doesn’t allow us to connect to our NAS via ftp/webdev, QNAP qftppro has lots of security features.. so we request QNAP team to look into this, we had already raised a ticket for d same, but it went in loop without any positive resolution
It is NEVER a good idea to expose any part of the NAS to the internet. Just don’t do it.
If you want easy access using QFile Pro, I would recommend a VPN to your network.
But you can also connect using MyQNAPCloudLink. If you use that way, you can connect securely over the internet but you run through QNAP’s severs in Taiwan as proxies. It will be slow than connecting via a VPN but it will still work.
Already possible Access QNAP NAS from anywhere · Tailscale Docs
hi,
But by this we are restricting the use of NAS, already our NAS is behind d firewall & expose to public via secure QNAP Qqftp service ftps protocol, which has all the required security to protect the user data,
Our only request to QNAP is to allow Qfile pro to connect to our NAS via ftp protocol/port, so the handshake is secure, currently we are not able to connect to NAS through qfile pro via ftp service..
The qfile pro app has all the features of port selection but it is not doing handshake with our NAS on ftp service…
The rule is to never expose any ports of your NAS, if that restricts your NAS usage, you are using your NAS wrong.
1 Like
FTP will not give you the experience you would want to use for Qfile.
If you wish for others outside of your network to access files on your NAS, please use one of the ways we have suggested. Please do NOT expose your NAS to the internet. It is asking for trouble. We can point you to quite lengthy posts where people have lost all their data when they had what they thought was a “secure” connection.
VPN is the most secure, fastest and best way.
If you really insist on exposing something on your NAS to the internet, do that exposure via a server app running in a Container.
You might want to try using a mobile FTP app as an alternative. Also, feel free to let us know if you’re running into any specific issues so we can help. Thanks!
yes, but not through third party app, we wanted to explore QNAP official app Qfile pro to connect to our NAS via a protocol FTP/WEBDEV, which is already configured in our NAS for our local users from public..
Currently we r using third party app such as winscp for desktop & other mobile ftp app to connect our NAS, but thought of exploring QNAP Qfile pro app which we feel is very usefull app, but has d given limitation/restriction…
Experience is not d concern, our use case is simple one way tranfer to our NAS with d restriction policy we have, if QNAP has rolled a app in the market to connect to the NAS, it shuld allow d same in a more secure manner.. which may usefull to customer….. VPN will also not solve d problem connecting thorugh VPN and then exposing the user data with blank policy is also dangerous..
I am going to say it again:
DO NOT EXPOSE YOUR NAS DIRECTLY TO THE INTERNET FOR ANY REASON!!
Yes, I am yelling. If you have customer data, information, you are risking all of this in case someone uses an exploit to hack your NAS and fill it with ransomware.
If you insist on exposing any part of it (and there is sufficient reason for this), then use a Container and expose just the container. Don’t rely on the “security” function of the NAS to protect you.
The security concern u r highlighting is correct, its a endless debut & discussion
we understand that, but y cant we use NAS for ftp access publically,
Our concern which we had raised here was related to QNAP Qfile pro app and its purpose, its a very useful app. But whether its from public or local, our only request to QNAP was to allow qfile to access our NAS via other proocol such as FTP/WEBDEv..
If we connect through SECURE vpn also d connectivity & data security challenge remain the same. as through current Qfile Pro app, access rights option is very limited or in other words nil, atleast through FTP we can set the access policy to user such WORM/read/write/modify/delete.
Please do not post in random topics about this.
If you need to create some sort of IT strategy for file sharing…hire an expert.
we dont want to create a startegy, our strategy is already in place ..
Our request to QNAP was that, allow us to connect to our NAS via Qfile PRO app in a secure manner instead of full open access, In the current connection method through Qfile Pro, we are unable to restrict users with different folder permission such such as Read delete/write/modify/WORM
U can take this as our feedback/or suggest us how to gv access to our NAS while connecting through Qfile PRO app locally/publically/VPN with limited permission, similar to what we are currenlty able to achieve through QNAP Qftp service..
When you connect to your NAS through Qfinder Pro, which user are you logging-in as? ‘admin’, or someone else? If you login as ‘admin’, you’ll be able to browse all shares ‘admin’ can browse.