Hello all, my qnap seems to redirect Port 80 to port 8080 even with webserver enabled. In control panel > General Settings the default port number for web administration is set to 8080. Secure connection is enabled and set to 8334. In applications > Web Server, Enable web server is checked and port # 80 is selected along with 443 for https.
When I go to http://myqnap.com I get auto-directed to the web admin page at http://myqnap.com:8080/cgi-bin/
However if I go to http://myqnap.com/WordPress/ I am indeed directed to my WordPress site
so it seems that the Web Server is enabled and working... what I cant figure out is why 80 is redirecting to 8080 vs. loading my WordPress site? Im hoping Im posting in the right section.
In WordPress settings (if this is relevant?) My WordPress URL is http://myqnap.com/WordPress and my Wordpress SIte URL is http://myqnap.com/WordPress. If I change either option to http://myqnap.com/ then WordPress doesn't load and instead you get redirected to the QNAP web administration URL at http://myqnap.com:8080/cgi-bin/
My desired state is:
http://myqnap.com should load directly into my wordpress site or better yet... can it redirect to 443 and load my WordPress site?
https://myqnap.com should load directly into my wordpress site
http://myqnap.com:8080 should load directly into my QNAP web administration portal (I will disable this port after everything is confirmed to be working and just focus on https)
http://myqnap.com:8443 should load directly into my QNAP web administration portal
Help! Port 80 redirects to 8080 with webserver enabled
-
mike_toronto2
- Starting out
- Posts: 10
- Joined: Sat Feb 18, 2017 12:13 am
-
awair
- Getting the hang of things
- Posts: 91
- Joined: Tue Feb 22, 2011 4:03 pm
Re: Help! Port 80 redirects to 8080 with webserver enabled
I had this same issue, and consider it to be a major security loophole.
After a FW upgrade, some of my vhosts stopped working. 'Incorrect' urls were all presented with the QNAP login - which in my opinion, should never appear.
My fix:
1) 'Disable' the default web port - set to an unused value (say 8099), and then use your firewall to block access to that port.
2) Assign port 80 to a vhost
3) Assign port 443 to the same vhost
Now if there is some vulnerability that permits directory listing/access, they don't see all your virtual hosts in the /Web directory. You can still get to the UI by explicitly using 8080, and for safety - only internally or via VPN, so also block 8080 on your firewall.
Hope this helps
After a FW upgrade, some of my vhosts stopped working. 'Incorrect' urls were all presented with the QNAP login - which in my opinion, should never appear.
My fix:
1) 'Disable' the default web port - set to an unused value (say 8099), and then use your firewall to block access to that port.
2) Assign port 80 to a vhost
3) Assign port 443 to the same vhost
Now if there is some vulnerability that permits directory listing/access, they don't see all your virtual hosts in the /Web directory. You can still get to the UI by explicitly using 8080, and for safety - only internally or via VPN, so also block 8080 on your firewall.
Hope this helps
TS-670 Pro (4.2.0 Build 20160311)
TS-559 Pro+ (Somewhere between 3.8.4 Build 20130816 & 4.2.1 Build 20160601)
TS-469L (4.2.0 Build 20160311)
TS-269L (4.2.0 Build 20160311)
TS-559 Pro+ (Somewhere between 3.8.4 Build 20130816 & 4.2.1 Build 20160601)
TS-469L (4.2.0 Build 20160311)
TS-269L (4.2.0 Build 20160311)