Hosting a Blog on Synology NAS — Complete Setup Guide

🗓 2026-02-22 08:54:51  •  📄 Tech  •  ⏱ 5 min read
Tech synology nas hosting tutorial

Synology NAS & Namecheap Blog Setup Manual

This guide provides step-by-step instructions for hosting your Python-generated static blog on your Synology NAS, connecting it to your Namecheap domain, and managing the workflow.

1. Networking & IP Management

Finding your Public IP

The Public IP is the address your ISP (Internet Service Provider) gives to your home. This is what the world uses to find your blog.

  1. Go to WhatIsMyIP.com.
  2. Note down the "IPv4" address (e.g., 123.45.67.89).

Finding your Local NAS IP

The Local IP is used by devices inside your house to talk to the NAS.

  1. Open Synology DSM (the web interface).
  2. Go to Control Panel > Info Center > Network.
  3. Look for something like 192.168.x.x (or similar). This is your NAS's internal address.

2. Namecheap & Domain Configuration

To link your domain to your NAS:

Step 1: Set the A Record

  1. Log in to Namecheap.
  2. Go to Domain List > Manage (next to your domain).
  3. Click the Advanced DNS tab.
  4. Click ADD NEW RECORD:
    • Type: A Record
    • Host: @
    • Value: [Your Public IP from Section 1]
    • TTL: Automatic (or 1 min for testing).

Step 2: Set the CNAME (for www)

  1. Click ADD NEW RECORD:
    • Type: CNAME Record
    • Host: www
    • Value: yourdomain.blog. (Include the dot at the end).
    • TTL: Automatic.

3. Router Configuration (Port Forwarding)

Your router is a firewall. You must "open a door" for web traffic.

  1. Log into your router's admin page (usually 192.168.1.1 or 192.168.18.1).
  2. Find Port Forwarding or Virtual Server.
  3. Add two rules:
    • Rule 1: Port 80 (External) → Port 80 (Internal) → IP YOUR_NAS_LOCAL_IP (NAS).
    • Rule 2: Port 443 (External) → Port 443 (Internal) → IP YOUR_NAS_LOCAL_IP (NAS).
  4. Apply/Save.

4. Synology Web Station Setup

Synology needs to know which folder contains your website.

  1. In DSM, open Web Station.
  2. Go to Web Service > Create.
  3. Select Static Website.
  4. Name: my-blog.
  5. Description: My personal blog.
  6. Document root: Click Browse and select: /web/yourblog/output.
  7. Click Next and Create.

5. Development Workflow (How to Update)

Your blog follows a Write → Build → Deploy cycle.

Step 1: Profile Editing

To change your Bio or Skills, edit:

satheeshvelu.blog/data/profile.json

Step 2: Build (Generate HTML)

Run this command on your Mac:

python3 build.py

This transforms your Markdown files and profile.json into the output/ folder.

Step 3: Deploy (Sync to NAS)

Make sure your NAS is mounted on your Mac (Finder > Go > Connect to Server). Then run:

python3 deploy_to_nas.py

This copies the contents of your local output/ folder to the NAS web folder.

6. SSL Security (Free HTTPS)

To get the "Green Lock" (https://):

  1. In DSM, go to Control Panel > Security > Certificate.
  2. Click Add > Add a new certificate > Get a certificate from Let's Encrypt.
  3. Domain Name: yourdomain.blog.
  4. Email: Your email address.
  5. Subject Alternative Name: www.yourdomain.blog.
  6. Click Apply.
  7. Once issued, click Settings and ensure your Web Station service is using this certificate.

7. Security Hardening

7.1 Enable HTTPS / SSL (Priority #1)

Without HTTPS, all traffic between visitors and your NAS is unencrypted.

  • Follow Section 6 above to set up the free Let's Encrypt certificate.
  • After setup, visitors will see a padlock in their browser and your URL will start with https://.

7.2 Lock Down the Synology Firewall

Block everything except web traffic. In DSM:

  1. Go to Control Panel > Security > Firewall.
  2. Click Edit Rules for your network interface.
  3. Add an Allow rule for Port 80 (HTTP) from all sources.
  4. Add an Allow rule for Port 443 (HTTPS) from all sources.
  5. Add a Deny All rule at the bottom.
  6. This blocks DSM ports 5000/5001 from the internet, keeping your admin panel private.

7.3 Never Expose DSM to the Internet

Your router's port forwarding should only forward ports 80 and 443 to the NAS.

  • Never forward ports 5000 or 5001 (DSM admin pages).
  • To access your DSM remotely and securely, use Synology QuickConnect or a VPN instead.

7.4 Enable 2-Factor Authentication (2FA) on DSM

  1. Log into DSM.
  2. Click your username (top right) > Personal > Account.
  3. Enable 2-Factor Authentication.
  4. Follow the setup using an app like Google Authenticator or Authy on your phone.
  5. This ensures even if someone guesses your password, they still can't log in.

7.5 Change Default Admin Username

The username admin is the first thing attackers try.

  1. In DSM, go to Control Panel > User & Group.
  2. Create a new user with a custom name and give it Administrator privileges.
  3. Log out, log in with the new user, and then disable the default admin account.

7.6 Keep DSM Updated

Synology regularly releases security patches.

  1. In DSM, go to Control Panel > Update & Restore.
  2. Enable Automatic DSM Updates for important security fixes.

7.7 Use a Strong Router Password

Your router is the front door to your entire network.

  • Change the default admin password on your router to something long and unique.
  • Make sure the router's admin page is not accessible from the internet (most routers disable this by default — verify it).

Security Status Checklist

Task Priority Status
HTTPS / Let's Encrypt SSL Critical Set up in Section 6
Firewall (only 80/443 open) Critical See Section 7.2
DSM not exposed to internet Critical See Section 7.3
DSM 2-Factor Authentication High See Section 7.4
Custom admin username High See Section 7.5
DSM auto-updates enabled Medium See Section 7.6
Strong router password Medium See Section 7.7
Static site (no backend) Done Already in place

Manual last updated: 2026-02-22