Page 1 of 1

Web server directing to the main login page

Posted: Thu Jun 27, 2019 6:55 am
by ParityBit
Hi All,

TS-451, 8 GB RAM, Firmware

No idea what happened, but now my web server which was working points to my main web interface unless I put a /index.html after my domain name. It was never this way before. I read online to remove the index.php from the /Web folder which I did, but that did not help.

Any ideas?

Thank you

Re: Web server directing to the main login page

Posted: Wed Aug 14, 2019 4:42 am
by azaroth01
Same thing is startling me. This seems to be a recurring issue with QNAP since years and I am stymied as I must be overlooking something that should jump in my face. Or am I?

I seem to be unable to use the virtual host functionality and see that this has been happening since years without being able to find the reason or the solution. I would appreciate some help to find how to get the virtual host show my websites instead of the index.php in /Web.


I have two sites using WordPress, one in the default location /share/CE_CACHEDEV1_DATA/Web/WordPress and the other one in a subdirectory of /share/CE_CACHEDEV1_DATA/Web/wp-tmd/wordpress (separately installed but using the same database).

The virtual host is running listening on ports 8082 and 8083 pointing to these directories, each one having their respective index.php at the ready.

When connecting from the web, the result is always showing the /share/CE_CACHEDEV1_DATA/Web/index.php content (which I have edited to show the same lovely picture as pwilson has kindly mentioned, in order to avoid the recurring redirect to the QNAP admin access screen.
Just adding some info for better understanding. This is the content of my httpd-ssl-vhosts-user.conf, that my QNAP generated:

NameVirtualHost *:8082

Listen 8082

<VirtualHost *:8082>
<Directory "/share/Web/WordPress">
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
DocumentRoot "/share/Web/WordPress"
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile "/etc/stunnel/stunnel.pem"
A curl to port 8082 results in:
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
a curl -v results in
* Rebuilt URL to:
* Trying
* Connected to (xx.xx.xx.xx) port 8081 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject:
* start date: Aug 12 21:06:00 2019 GMT
* expire date: Nov 10 21:06:00 2019 GMT
* subjectAltName: host "" matched cert's ""
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x562a4f74fda0)
> GET / HTTP/1.1
> Host:
> User-Agent: curl/7.52.1
> Accept: */*
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 200
< date: Tue, 13 Aug 2019 11:29:58 GMT
< server: Apache
< x-frame-options: SAMEORIGIN
< vary: Accept-Encoding
< content-type: text/html; charset=UTF-8
* Curl_http_done: called premature == 0
* Connection #0 to host left intact
<img src="" border=0>

I was expecting the wordpress site to come up, but instead the /Web/index.php is called.

What am I doing wrong?

(TVS 473, FW

Re: Web server directing to the main login page

Posted: Wed Aug 14, 2019 5:46 am
by Toxic17
so using the built in Web Server feature you are limited to the constraints of what QNAP have added. If you want to load a different page than index.php then use the .htaccess file and its parameters oh btw, if you going to run a web server then read up a bit, its not just plug and play.

you can edit internal php files etc which you could break very easily but since you know very little of how to redirect a file then start with ".htaccess" files and what it can do for your web server

clue: default handler

DirectoryIndex index.html

Google the rest since I dont have any idea on your setup or software.

once you have it setup then start to harden the server and run diagnostics on it. here are a few suggested site to check your website once its running. it will find more issues than you want, but makes a good check on understanding Apache and php.

you will need more than just one line in the htaccess file and there are some generators online that can help.

For securing your website I suggest at least using ZB-Block.

once you are ready let us know the URL and we can take a looksee! resides on a NAS :) though not using the default web server.