How to wrestle your Synology into exposing itself to FTP

For a very long time now, possibly for the entire life of my main personal blog, Lunar Obverse been operating without any automatic backups. I know, shocking. I’m a technology professional; I have multiple backups for my computers and phones, cloud plus local for everything. Having been on the help desk when someone called in asking for help recovering lost files that weren’t backed up, I empathize with the pain of loss.

That changed this weekend. And wow, what a painful process it was.

This blog runs on WordPress, and the recommended program/plugin for backups is Jetpack, though there are several others. The problem with them is that they all cost money, typically a monthly charge. I’m not above paying for a necessary service when it makes sense, but a) I’m currently unemployed, and 2) I have a massive 12 TB Synology on my home network with 5+ TB of storage space empty. I also own a handful of unused domain names, and I understand file transfers and some command line stuff. Surely I can take all these disparate pieces and cobble together an automatic backup?

Turns out I can. But it took a lot of individual steps, and lots of tweaking. I’ll try to go through them in the order it makes the most sense for someone using this article as a how-to.

Step Zero: The Disparate Pieces

As I said, the blog runs on WordPress. It’s hosted on Bluehost, which is fine. They give me command-line and CPanel access to the underpinnings of my site, though for the most part I didn’t need to mess with that. But I did need to find and install the BackWPup plugin. The free version lets me schedule backups, select what gets backed up, and then save or send the backup to a variety of locations, like via email, to Microsoft Azure, S3, or even Dropbox. The one I was most interested in, though, was FTP.

Sure, that’s an antiquated and insecure means of transmitting files over the internet. Maybe rsync would be better? But FTP is simple. Right? It should be simple. I’ll start there.

Step One: Name Games

I had to then figure out the safest way for me to allow an external server to FTP files onto my Synology DS418. My home network is provided by Xfinity, which is my only choice, but some testing showed that they aren’t yet blocking ports to my home network. At least they’re not blocking 20, 21, 22, or the weird random ones FTP uses in passive mode. So I took one of my unused domains, and went into the DSM softare under External Access, and added the domain as a Dynamic DNS entry pointed at FreeDNS. That way, if my IP address changes, the DynDNS service will update it to match the domain name.

This worked almost immediately. I could ping the domain and get my home WAN address. Step one completed.

In DSM, Control Panel > File Services I enabled FTP, FTPS, and SFTP, as well as enabling anonymous FTP under Advanced settings. I also set the default home folder for anonymous FTP to the specific folder I wanted to use for backups.

And even though I did this later in the actual process, here’s where you, the smart reader learning from my mistakes, would go in and make sure that the system internal user that would be accepting anonymous FTP requests had read/write permission to that folder. You set the folder permissions under Control Panel > Shared Folder > , Edit > Permissions. Select “System Internal Users” from the drop-down, and then assign read/write permission to the user “Anonymous FTP/Presto/WebDAV”.

Step Two: Expose Your Network

But I still had to open those ports necessary for FTP. My home cable modem/router supports UPnP and Synology DSM can talk to a router using UPnP to configure ports. The problem I ran in to here was that the number of ports needed exceeded the number available either on Synology or my router. So it took several tries, until I finally manually went into the router settings and opened the ports to TCP/UDP traffic myself. Testing this, again, using a website like showed that at least the FTP ports were open. The upper ones wouldn’t be open until an active connection was in progress.

I set up port forwarding on my router to point traffic to those ports to my Synology. That worked beautifully when testing FTP on my internal network. It failed, though, when I tried to run the backup job across the WAN, on my webhost using the job I’d set up in BackWPup.

This is one area I spent a lot of time on, because the blog backup would fail with some generic error like

WARNING: ftp_nb_fput(): php_connect_nonb() failed: Operation now in progress (115)

or

WARNING: ftp_nb_fput(): Entering Passive Mode (xxx,xxx,xxx,xxx,xxx,xxx)

or

WARNING: ftp_nb_fput(): Can't build data connection: Connection refused

And I started by troubleshooting the ports. I logged in to my Synology via ssh with root, and ran tcpdump. That all seemed to work. Looking at the logs, it looked like the connection wasn’t the problem; the plugin was connecting just fine. It just failed when trying to send the files over.

I’ll spare you all the dead ends I went down and cut to the fix: I had to disable SSL-FTP in the plugin. Turns out, Synology doesn’t like that. Or, at least, I couldn’t figure out how to make that work. The files only transferred when that was off on the client end. And believe me, I tried every other setting on both ends. C’est la vie.

Final Thoughts

There are still some quirks of Synology’s implementation of FTP that I want to point out.

  • When I set the folder for backups on the client end, I had to include a leading / on the name. Otherwise, new folders would be created instead of Synology recognizing that the client is putting the files in an existing folder.
  • I messed up when trying to use Let’s Encrypt to create a certificate to secure FTP and SFTP and ssh connections to my Synology. Maybe that’s why explicit SSL-FTP isn’t working? But since I exceeded the number of requests I can make of Let’s Encrypt, until that resets or I figure out how to delete the several I created and deleted, I can’t fix that. That’s a long story.

But it’s all working. I now have twice-weekly full backups of the 21 years of posts I’ve tossed up onto the internet for y’all’s entertainment. A safety net. And then, since I’ve discovered a new hammer, I used it to nail down backups for my neice’s new travel blog, April Taking Off, since I don’t want her to lose her work, and she doesn’t really have anywhere to store offsite backups. (Also you should check out her travel posts, she’s great!)

Day 4 – Despicable Dodgers vs Sugar Titts

As a life-long Dodger fan I’m really disappointed in them right now. I even rooted for the Cubs today when they hosted the Dodgers in Chicago (and the Dodgers lost, which is just karma.)

What on earth could make me so mad? The way the Dodgers treated a fan this week who managed to catch a home run ball hit by new Boy in Blue Shohei Ohtani. She was sitting in the pavilion at Dodger Stadium, a location I’ve been before; baseball game tickets are expensive these days.

The team is promoting Ohtani as their new star, having paid a lot of money for him after losing some big hitters to free agency. And I don’t have anything against Ohtani; I think he’s a great addition to the roster and will probably do good things on the field. But on Wednesday, when Ohtani hit his seventh-inning homer padding out LA’s lead against the fucking Giants, the ball landed in the hands of Ambar Roman. And that’s when the trouble began.

Roman reports that security staff descended on her, separated her from her husband, and made an incredibly low ball offer to buy the ball from her. She says that the pressure was unwelcome, and that they even made threats to withhold the certificate of authenticity from her if she decided to keep it and take it home with her.

Two baseball caps signed by Ohtani. That was their offer. Auction house representative Chris Ivey, from Heritage Auctions, says that ball is worth US$100K easy. In fact, the Dodger fan store is selling a ball hit and signed by Ohtani for US$15K, and it wasn’t even a fair ball. The fact that the offer was bumped to include a bat and a ball (Ivey says is worth maybe a grand) doesn’t make this any better.

Roman has been posting about this on social media. Her Twitter (you can’t make me call it the dumb new name, Elon) handle is, and I swear I am not making this up, Sugar Titts. Her pinned post is the video of her catching that ball, clearly a proud moment for her. When she’s asked, she repeats that it’s not about the money, but the treatment, and I believe her. It was a big moment, and she acknowledges that it’s a big moment for Ohtani as well. He hit the ball, he should get the momento.

She didn’t even get to meet him to hand the ball off, although apparently Ohtani’s translator may have given that impression.

Today the front office said they’d be willing to do a little more and offered Roman and her husband, Alexis Valenzuela, a private box for her birthday. At least at that point, she’ll get to meet the team, not just Shohei Ohtani. The front office says they’re going to review their protocols for important situations like this in the future. Even today as I write this, they’re saying they’re open to trying to make it up to Roman for all this bad feeling.

But their immediate actions and the reporting on it has tainted my view of the team, and that’s no small feat after almost 4 decades of following the team.

Gotta say on this one, I’m on Team Sugar Titts.

My Favorite Posts From 2016

I need some personal inspiration. It’s been a long December, a long winter, a long year. I’ve seen other authors out there, posting their 10 favorite things they’ve written in 2016, and my first thought was, “did I even write 10 things this year?”

Yes, I did, but not much more than 10. Here’s my pick for the best of my writting this year.

My brand for 2016: meloncholy, emotional, nostalgia, apparently.

2017 will be better.

Ferguson Humanitarian Foundation International, Inc.

I’ve been helping out Christi Roehn, Social Media Director for the Ferguson Humanitarian Foundation International, primarily doing copy-editing for their blog posts and such, and today they featured me as a small thank you on their Facebook page.

Volunteer Highlight: Brian Moon
“Brian Moon lends us his copy writing skills to help us with our website, and post our blogs.”

I’m grateful to be able to help in whatever ways I can, and encourage you to look into their programs if their goals align with yours. They are primarily focused on improving education for young women in India and around the world.

Phildickian introspection

Poor old Philip K. Dick. A writer born with an immense amount of talent and an eager, open mind, but easily hurt by the cruel-seeming ways with which his fellow travellers treated him.

One of Phil’s major themes in his stories could be summed up in the question “What makes us human?” Time and again, he came down on the side of empathy as the most essential human trait. People who could show empathy to others were human; those without that ability were synthetic beings, as eerie as a life-like but otherwise empty mannequin of a human.

To be sure, playful Phil liked to turn his themes upside down from time to time; witness the android Abraham Lincoln in “We Can Build You” — technically a mechanical man, but still capable of a surprising amount of emotional life, quite possibly exceeding that of his creators.

Examples of Phil’s ideal humans are often the main characters in his stories. But the ones we remember most are the female characters who embody his duality of human-or-android. Rachel in “Do Androids Dream of Electric Sheep?” or Pris in “We Can Build You” show what Phil imagined was the less empathetic end of the scale. Pris, for example, was borderline psychotic and unable to love Louis, the protagonist of the novel. Louis is forced to compare the flesh-and-blood Pris to the gears-and-springs Abe Lincoln and, sadly (maybe inevitably, due to Phil’s world view) the flesh falls short, as it ever does.

Phil’s biographers have drawn paralels between Phil’s view of humanity, particularly his view of femininity, and Phil’s personal life. The connection seems obvious, at least to me. Phil was always searching for a woman who would allow him to be as close to her as possible, who would not take the opportunity to hurt and attack him if he showed his human vulnerability. A woman who would recognize that there was a part of him that felt pain when someone lied to him. Phil was aware and mature enough to recognize that people were far from perfect, to be sure; however, he also needed others to acknowledge their imperfections in a specific way. While he was hurt, as he was by the young runaway Donna with whom he lived for a while, he also desired others to speak to him about their actions, to try to repair the damage done to him and to the relationship that existed between them, to make amends. That was the best use of empathy in Phil Dick’s mind; to use positive, healing actions and words to salve the wounds caused by our human imperfections.

The Five-factor model gives us a way to describe complex human behavior, and rates its subject on five different scales. In a strict scientific sense the Five-factor model has flaws; for one thing, it makes no predictions and it appears to be unverifiable (there’s a similar model, the Myers-Briggs Type Indicator, that shares similar flaws) but if used simply as a way to describe a snapshot in time of a subject’s personality, and not as a hard-and-fast definitive view, it can be a useful shorthand.

The factors are: Extraversion, which measures the energy level of the individual in seeking social contact; Agreeableness, which measures cooperation and social harmony; Conscientiousness, which meausres how well an individual handles impulses, needs, and wants; Emotional Stability, which rates a subjects sensitivity to their inner emotional life; and Openness, which attempts to rate the person’s creativity and flexibility of thought.

Using this scale, and having read several biographies of Phil Dick’s life, I think that it’s easy to see that while Phil would score high in Agreeability and Openness, he would likely score low in Extraversion and Emotional Stability, a mixture that informs the characters he wrestled with in his novels. He liked being around people and would willingly continue an interaction, but would rarely initiate contact. And then, as people would reveal their discomfort for the intense intimacy that Phil preferred, or the less scrupulous would take advantage of it, Phil would feel an almost physical pain, cut to the core by their actions.

Like most of us, Phil tended to assume that the world would be a much better place if most others thought the same way he did, a blindness that caused him to elevate what he thought were his better values to absolute virtues; namely his love of positive interaction with others, his concern for people’s immediate well-being, his need to feel that concern reciprocated. His empathy.

Rarely did he find it in his sadly shortened life. But the few times he did were the hallmarks of a very human life.

I find it easy to identify with Phil’s values, since I believe I share many of his personality traits. I would imagine that our scores in the Five Factor model would be very similar, although I might score a bit lower in Agreeableness than Phil. But, certainly, the ability to not only feel other’s emotions, but to respond and react to them, to attempt to redress the negative impact one has on others and to encourage the positive impact on others is an immensely valuable quality. And rare.

Consider the case of someone who recognizes that lying and shutting others out and showing disrespect to someone with whom they wish friendship is bad, recognizes that that is the result of their actions… but continues to insist that they are friends. There’s a strange disconnect, treating these very negative traits as though they were simply a part of them, like their fingernails or their height, something that needs to be accepted, that in fact must be accepted as the price to pay for their superficially friendly interaction? There is a chasm between what I value and the actions they take that, I believe, preclude friendship. Such a person would be so alien to my way of thinking that I would have to borrow Phil’s term and call them an “android”.

My low score in Extraversion suggest my strategy for dealing with this; avoidance of the person involved. But a high score in Openness and moderate score for Agreeableness likewise suggest (accurately, but, then, bear with me as I abuse the model to drive home a point) that I would be amenable to the other person attempting to make amends.

But it would have to start with an apology. I would need to see that not only does the other acknowledge the conflict, but is attempting to redress the conflict.

If such a person stated that they were aware of these conflicts of values, how, then, could they consider leaving a door open for friendship without attempting to change? Behavior is not like the number of toes on your foot or the placement of your eyes; behavior can be changed, can be modified. It’s mutable, within limits. And if, as I realize that others may believe, it’s not able to be changed, then continued interaction is only going to continue to hurt at least one and probably both participants. And we only tend to hurt those we see as less than human, or we attack to cover our own vulnerabilty, or we lash out when we ourselves are fearful of impending hurt. Assuming one cares about the well-being of people we call friends, and assuming one doesn’t want to purposely hurt people one cares about (need I assume that?), and assuming one has relinquished all control over ones behavior… the only remaining solution, then, is complete avoidance.

Is it that unimaginable that someone would see the contradictions and want to exclude such a hollow person from their life? I understand that not everyone values the same things I value; I put a very high value on honesty and openness, maybe sometimes too high. But I also recognize that folks who have other values, and who place a low emphasis on the things I value, are poor candidates for friendship. And so I’m not going to push myself on people who exist in such a different world than myself. I accept my limitations and I seek to minimize them in my normal, day-to-day interactions with others.

But unless someone else has the self-awareness to understand that I have a part of myself that can be hurt by actions that they see as insignifant, I am not going to seek a closer relationship to that person. I am, in fact, going to avoid them, and to defend myself whenever someone like that reveals themself to me. It’s not a judgement I make quickly, by any means. But once I’m aware of that conflict in values, I am going to be constantly on my guard, and it would require greater and greater efforts by the other to overcome that defensiveness. That conflict in values is going to color even the simplest interaction I have with them. I’m open to change, but if the other states that change, for them, is not possible, what choice do I have?