…without snark or jumping down my throat. I genuinely want to know why it’s so unsafe.
I’m running a Synology DS920+, with my DSM login exposed through a Cloudflare tunnel. I have 2FA enabled, Synology firewall enabled with these rules in place. I also have this IP blocklist enabled.
After all of this, how would someone be able to break in via the DSM login?
https://www.synology.com/en-us/security/advisory
https://www.cvedetails.com/vulnerability-list/vendor_id-11138/Synology.html
You can look through all known issues.
But don’t get me wrong, I’m glad they provide the information!
Don’t know how much a Cloudflare tunnel protects you. Maybe it’s only security by obscurity.