...quick and dirty

 

Modify default http(s) redirect behavior ports (80 -> 5000 and 443 -> 5001)

Thanks to Tony Lawrence

cd /usr/syno/share/nginx

Create a backup of the files you will change

cp server.mustache server.mustache.bak
cp DSM.mustache DSM.mustache.bak
cp WWWService.mustache WWWService.mustache.bak

Instead of listening to (and redirecting from) port 80, let's change to port 8880

sed -i "s/80/8880/g" server.mustache
sed -i "s/80/8880/g" DSM.mustache
sed -i "s/80/8880/g" WWWService.mustache

For https let's change 443 to 8881

sed -i "s/443/8881/g" server.mustache
sed -i "s/443/8881/g" DSM.mustache
sed -i "s/443/8881/g" WWWService.mustache

Restart the built-in DSM nginx service

synoservicectl --restart nginx

Disable FTP access for admin user

add 'admin' to /etc/ftpusers, e.g.

admin
root
lp
smmsp
nobody
guest

Use of dynv6 dyndns service

Thanks to user mgutt who created a script that I modified a bit:

/usr/local/bin/ddns

#!/bin/bash
dnsname="your.dns.name"
token="your_token"
lastknown="/usr/local/bin/ddns_lastknown"
log="/usr/local/bin/ddns_log"

# get public IPv6
IPV6=$(ip addr list eth0 | grep "global dynamic" | cut -d ' ' -f6 | cut -d/ -f1 | sed -n '1p')

if [ -f $lastknown ]; then
                # obtain old IPv6
                OLDIPV6=$(sed -n '1p' < $lastknown)
        else
                # create log file (first execution)
                echo -n "$IPV6" > $lastknown
                OLDIPV6=""
fi

# send request if necessary
if [ "$OLDIPV6" != "$IPV6" ]; then
        wget -q "https://ipv6.dynv6.com/api/update?zone=${dnsname}&token=${token}&ipv6=${IPV6}"
        echo `date` "IPV6 update required" > $log
else
        echo `date` "IPV6 update not required" > $log
fi