Synology weerbaar maken

Synology DSM 6.1 hardening settings:

Control Panel, security, advanced, TLS/ SSL Cipher Suites, Select Modern compatibility
Control Panel, user, advanced, Password Settings, Apply password strength rules, select;
- Exclude name and description of user from password.
- Include mixed case
- Include numeric characters
- Include special characters
- Exclude common password
- Minimal password length: 8
- Password history (times): 3
Control Panel, user, advanced,Password Expiration, select;
- Enable password expiration
- Maximum password valid duration (days): 183 (except administrator users)
- Minimum password valid duration (days): 1
- Prompt users to change password upon login before expiration (days): 14
- Send expiration notification emails; sent at 12:00, Days before the expiration; 14,10,5,3,2,1
2-Step Verification,select
- Enforce 2-step verification for the following users, all users
Control Panel, Terminal & SNMP, Terminal, (in case) SSH service, advanced settings, High
Control Panel, Security, Selecteer:
- Improve protection against cross-site request forgery attacks
- Improve security with HTTP Content Security Policy (CSP) header.
- Do not allow DSM to be embedded with iFrame.
- Clear all saved user login sessions upon system restart.
Control Panel, Network, DSM settings, Selecteer Automatically redirect HTTP connections to HTTPS ( Web Station and Photo Station excluded )

Beveiliging, Synology hardening, weerbaar