Ok, so i noticed u can eassily access public files form mycloud on any computer linked to the home network, by going to Network > My cloud. So my question is, is there any way to set a universal password for the mycloud itself, such that when people go to network > Mycloud, it requires a password to acess all the folders inside, including public or private.
I want this i as i usually share my wifi password with friends and visitors, plus this is an added security.
There’s a way around the public share if you search the forum you can find that.
as to giving visitors your wifi password, that’s a really bad habit unless you change your password frequently. I have a separate guest wifi that has no access to my home network.
Obvious answer: move any files you don’t want public to a private folder.
Less obvious answer: exploit the bug Tony mentioned: using the Dashboard, try to change the name of the Public folder: MyCloud won’t let you, but, after you try, it becomes possible to change the access attributes; you can turn off Public access, and add access for Users, just like any Private Share.
cpt_paranoia wrote:
Obvious answer: move any files you don’t want public to a private folder.
This solves the Problem of reading without permission but does not solve the problem of everybody being able to flood the NAS with rubbish until disk is full. This is the much larger Problem. The Public share should be disabled by default or Limited to read-only mode. Both is not possible using dashboard without abusing bugs.
gemaa wrote:
This solves the Problem of reading without permission but does not solve the problem of everybody being able to flood the NAS with rubbish until disk is full. This is the much larger Problem. The Public share should be disabled by default or Limited to read-only mode. Both is not possible using dashboard without abusing bugs.
Should the Public Share have the ability to be set to Private? Yes. Unfortunately that isn’t the case, unless one exploits the bug in the WD My Cloud Dashboard user interface programming. Should the Public Share not be public in the first place? Everyone has their on opinion on that. it should be noted that the Public Share is supposedly used by the Twonky media server as part of its ability to aggregate DNLA shares either on the WD My Cloud or other DLNA media servers on the local network.
Out of curiosity who is this “everybody being able to flood the NAS with rubbish until disk is full”? Cannot anyone who has a Private Share not do the same? If concerned about unauthorized access to the WD My Cloud then that is a separate issue, one that involves a discussion the security of one’s local network and who is allowed to access that local network.
The WD My Cloud is generally marketed as entry level NAS designed for the home or small home office consumer market. It is not generally the best choice (the lower models anyhow) for use in a business environment where IT security is paramount. All to often people buy the WD My Cloud because of its lower cost hoping to get features found in the more expensive NAS models (and other manufacturers) and are disappointed, and proceed to vent those disappointments in these user to user support forums, when they find out these lower cost NAS units don’t support features or settings that are standard on much more expensive models.
The Public share should be disabled by default or Limited to read-only mode.
I suggest you direct your suggestion to Western Digital, who may be able to make the required firmware change.
As mere users, we are unable to make firmware changes for you, and can only offer you workarounds using the existing firmware.
Bennor wrote:
Out of curiosity who is this “everybody being able to flood the NAS with rubbish until disk is full”? Cannot anyone who has a Private Share not do the same?
for this it has quota on groups, but this belongs to known users only not to anonymous access.
for this it has quota on groups,
If you mean that you can place a limit on the size of Private shares, then no, you cannot. The were is no such mechanism on the MyCloud.
but this belongs to known users only not to anonymous access.
What ‘anonymous access’? Who are these anonymous people accessing your network? Is your network not protected with a strong wifi password?
gemaa wrote:
for this it has quota on groups, but this belongs to known users only not to anonymous access.
OK based on both your initial post that started this thread and subsequent posts there may be some confusion.
There is no ablity to set “quotas” either for groups or for file storage on the WD My Cloud via the Dashboard interface.
Once anyone has access to your WiFi network they will have the ability to save content to the Public Share folder on the WD My Cloud simply because the Public Share folder is not password protected by default.
Through a bug in the WD My Cloud Dashboard programing it is possible to change the Public Share folder to a private Share folder that will still be named “Public”. To do so simply attempt to change the Public Share folder’s name via the Dashboard. After you dismiss the error message that will be generated the “Public Access” option becomes user selectable and can be set to “Off”. Once set to “Off” one can configure the User access permissions for the now Private Public Share folder.
Once the Public Share folder has been configured as a Private Share, if one seeks to confine all guests that are granted access to the local network via WiFi or Ethernet to one a specific folder on the WD My Cloud, one could simply create a User named “guest” via the Dashboard. Then set the “guest” user permissions on all other Private Shares on the WD My Cloud to “No access”. This will prevent the “guest” User from accessing Private Shares they are not given permission too access. Once done give that “guest” user name/password to the network guests and they’ll have only one location to store files on the WD My Cloud. The only way to prevent a guest from filling that “guest” folder on the WD My Cloud is not to give them the WD My Cloud “guest” username/password.
One word of note in all this. If “Media Serving” is enabled on ANY Share folder, public or private, any media contained in those Share folders will be accessible to anyone using a DLNA client. If you do not want people to view media content located in a private Share, set the “Media Serving” option to “Off” for that private Share folder via the Dashboard.
one could simply create a User named “guest” via the Dashboard
I tried creating a user ‘guest’ a while ago; it wouldn’t let me (“error ‘a bad request was made’ 200400”), although it did create the share…
I concluded that there must already be a ‘guest’ user somewhere in the system (a default in Linux, I suspect)…
‘guests’ was an acceptable name.
cpt_paranoia wrote:
one could simply create a User named “guest” via the Dashboard
I tried creating a user ‘guest’ a while ago; it wouldn’t let me (“error ‘a bad request was made’ 200400”), although it did create the share…
I concluded that there must already be a ‘guest’ user somewhere in the system (a default in Linux, I suspect)…
‘guests’ was an acceptable name.
Ah yes forgot about that. There is already a “guest” account along with a whole slew of others listed (see below) while doing a “cat /etc/passwd” command from the root terminal via SSH. But the underlying process remains the same. One simply creates a User account with what ever name they choose (provided it isn’t already in use) and gives that username/password to their network guests there by confining them to a single Share provided the all other shares are configured for private access and that guest user account is not granted acccess to any other private share folders.
The “cat /etc/passwd” command output on a WD My Cloud with a single user (who’s name has been removed):
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:1000:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
sshd:x:101:65534::/var/run/sshd:/usr/sbin/nologin
guest:x:500:1000::/shares:/bin/sh
avahi-autoipd:x:102:105:Avahi autoip daemon,:/var/lib/avahi-autoipd:/bin/false
daapd:x:501:1000::/shares:/bin/sh
ftp:x:103:106:ftp daemon,:/srv/ftp:/bin/false
statd:x:104:65534::/var/lib/nfs:/bin/false
But the underlying process remains the same.
I know; I’m not that pedantic… It was meant to be a vaguely-interesting observation.
| Forums | News and Announcements | Register | Help | Forum Guidelines |
Copyright © 2021 Western Digital Technologies, Inc. All rights
reserved.
|
Trademarks
|
Privacy
|
Community Terms of Service
|
Site Terms of Use
|
Copyright
|
Contact WD
|