This is my last post for GEN8 to implement NAS functionality.
Here we will use a router (supporting DDNS service), DDNS service provider (peanut shell) account, URL domain name forwarding service provider (Western Digital), and one top-level domain name (2 pieces).
Achievement: Use the https or http protocol to access the webdav folder on the public domain through the top-level domain.
One, https, http access to achieve
Https is technically more secure than the http protocol. At least it looks like it is tall. There is also a benefit that http uses port 80. Port 80 is blocked in China and cannot be used by ordinary users. https uses port 443. There are no restrictions on access. ,
Before using https, you need to register with the domain name service provider to purchase a top-level domain name. The top-level domain name now requires real-name authentication (the most basic), and then applies for a domain name SSL certificate through the domain name service provider. Now most domain service providers provide free domain names for the top-level domain. SSL certificate, which is the lowest level certificate, only verifies that the domain name is correct, but the https protocol can already be used. Tencent, Western Digital, and Peanut Shell (charge) all provide this service.
How to install SSL certificate, online tutorial, you can see:
1, need to install the certificate service and certificate
Certificate Services Installation Links:
You only need to see how the service is installed. You do not need to look at the advanced configuration.
Certificate installation, import reference links:
Users of non-WS systems can see "Server Certificate" after installing IIS.
Second, IIS configuration
1. After importing the certificate, you need to associate the certificate with the local IP address. Click Bind - Add - Type - https - IP address select Fixed IP - SSL certificate Select the certificate you installed. 
2. Select Accept in SSL Settings and apply on the right side.
3, of course, you can choose not to accept 80 port access, select "request SSL" in the SSL below select "required", the right point of application.
Delete the port 80 in the "Binding" picture above.
3, as shown in Figure click to restart, click on the visit, if you can access, that the certificate has been successful.
note:
1. The personal information provided when registering a domain name is filled in as real as possible, or it may be troublesome if the real-name authentication (template transfer);
2, top-level domain names are not all like .com.net.cn, I use is .top;
3. If you already have a domain name, but the domain name provider does not provide a free SSL certificate, you need to apply for one by yourself to another domain name service provider. For Tencent, how to register an account is not listed (QQ number landing), and then add A domain name resolution, service providers are not the same, need to resolve the service is not the same, Tencent analytical guidelines. If the information is correct, your SSL certificate will be issued after the resolution service takes effect.
4, when buying domain names, you can choose non-mainstream domain names, these domain names are also top-level domain names, features the same, the price is cheap, need to pay attention to the point is to buy when you must first look at the price of the domain name renewals, or else continue to allow you to spend time.
5. When you are testing locally, because you are not using the domain name you applied for, the address bar is red. Don't worry, click Continue.
Third, the router mapping
Because of the different routers, the name of the port mapping is also different, I take the unit, for example:
Although the name is the same, the implemented functions are exactly the same. Add the port you need as shown in the figure. Save and restart it. It is recommended to buy a router with a firewall.
Fourth, DDNS service
In this comparison, I chose the peanut shell DDNS service. My top-level domain name is also applied in the peanut shell. This way, after the router logs in to the peanut shell account, I can directly access the top-level domain name. This way, I don't need to do URL forwarding. Directly enter the domain name in the browser can directly access the webdav folder, and achieve https access, let people is that the peanut shell DDNS I do not know is the reason of the router, or peanut shell reason, can not be accessed in real time through the domain name , Every time I restart the router (ASUS AC66U), domain name resolution of IP, up to half an hour long, sometimes anxious, can only login Peanut shell background, look at the IP mapped to the domain name, enter the IP in the browser, I can normally visit. I registered my peanut shell for five years. I also bought other services. I communicated with customer service and replaced the router's DNS. I tried Tencent, Ali, and Baidu, and it didn't work. It should be noted that Asustek provides its own DDNS. Basically, it is effective for real-time analysis. However, if you use ASUS DDNS, you cannot set the domain name resolution service. If the SSL certificate cannot be applied, you cannot implement https access, and you need to map. Port 80, you need to use "URL forwarding service", so this is why I registered a domain name in Western Digital, hey! It's a deep pit.
Write here, the Internet has achieved "domain name - router - server" access.
Fifth, the remote desktop
Careful people can see, I mapped the 3389 port in the router, which is the "remote desktop" service provided by windows, more practical, but there is a security risk, simply say that if you turn this feature on, now the phone supports remote desktop The software, so open this feature, holding a mobile phone to play a client game is still very coquettish; help the younger sister to solve a computer problem remotely has a future.
Make the same mapping in the router. When accessing, look for the program "C:WindowsSysWOW64mstsc.exe" in the system, shortcut to the desktop, and input your domain name directly in "Computer" when using.
Sixth, domain name business
I like my domain name. I have more than 20 hands in my hands at the most, but I gradually renew my fee, renew my fee, renew my fee, and leave it up. Now there are a dozen or so, so I compared the renewals fees of several domain name vendors. , Tencent domain name renewals cheaper quantity is the most, peanut shell expensive, Ali moderate, Western Digital, reciprocal. Top other are the most expensive (I used almost ten years), moderate domain name service providers, there is no special need Don't think about it, but hate it.
Peanut shells are renewed for several years. The renewals fee is not the same. The minimum number of years to continue can be equal to that of Tencent. However, because of the provision of DDNS service, it is also possible to apply for a domain name here. It also supports URL forwarding services, but it charges a fee.
At present, I have started to transfer all domain names to Tencent, and Tencent can see "URL forwarding services" in the analysis, but there is no specific test.
Reciprocal registration. Top domain has a very good benefit is a free space, the specific parameters have been forgotten, you can search on their own, can only use the .top domain binding access, as long as the renewals, the space has been free, but want to use space normally The need to record the domain name, and now is very convenient for filing, free to provide the curtain (I still charge), it is recommended that all the information is ready before you apply for open space, the application for filing needs the website to be able to visit normally, so you can first backstage And so on are deployed, choose the database to be careful, do not understand the people to find out. Open space 30 is not completed within the record, application for filing also need to do ten days or ten days, customer service generally do not say, just say you first open and then apply, then you are silly, automatically cancel the space expires, this is regarded as A pit.
Western Digital was the only domain name vendor I could find to support URL forwarding services. After all, no one would like to remember the DDNS domain name provided by Asustek.
Note: The URL forwarding is explicit and implicit. The difference is that the domain name displayed in the address bar is different when it is accessed. Explicitly displaying the target address to which your URL is forwarded, the address that you entered is implicit, and the domain name does not change. Https can not use implicit forwarding, the address bar will turn red, indicating domain name does not match, explicit no problem.
At this point, my series of articles will come to an end, I hope everyone can come up with their own programs to share, communicate, learn, thank you for watching.