If this document does not correspond to your current software version, you can go to Download Center to find other available document versions.


QuTS hero 5.0.x

Download (PDF)

Configuring System Administration Settings

  1. Go to Control Panel > System > General Settings > System Administration.
  2. Specify the following information.


    User Action

    Server name

    Specify a name containing up to 14 characters from any of the following groups:

    • Letters: A to Z, a to z

    • Numbers: 0 to 9

    • Dashes (-)

    • The server name must contain one or more letters.

    • The server name cannot consist of numbers only.

    • The server name cannot start with a dash.

    System port

    Specify the port used to access the web interface.

    The default port is 8080.

    Enable HTTP compression

    Select this option to improve transfer speeds and bandwidth utilization. This setting is enabled by default.


    Enabling this option may lead to security risks.

    Enable secure connection (HTTPS)

    Select this option to allow HTTPS connections.

    1. Select Enable secure connection (HTTPS).

    2. Select a TLS version.

      The default TLS version is 1.2.


      Selecting the latest TLS version may decrease compatibility for other clients in your system.

    3. Enable strong cipher suites.

    4. Specify a port number.

    5. Select Force secure connection (HTTPS) only to require all users to connect to the NAS using only HTTPS.

    Custom HTTP server header

    Select this option to specify a server HTTP header.

    Do not allow QuTS hero embedding in IFrames

    1. Select this option to prevent websites from embedding QuTS hero using IFrames.

    2. Click Allowed Websites to allow a specific website to embed QuTS hero in IFrames.

    3. The Allowed Websites window appears.

    4. Click Add to add a website to the list.

    5. The Add Host Name window appears.

    6. Specify a host name.

    7. Click Add.

      The host name is added to the allowed websites list.

    8. Select a website, and then click Delete to delete a website from the list.

    9. Click Apply.

    Enable X-Content-Type-Options HTTP header

    Select this option to protect your device from attacks that exploit MIME sniffing vulnerabilities.

    Enable Content-Security-Policy-HTTP header

    Select this option to protect your device from attacks that exploit Cross Site Scripting (XSS) and data injection vulnerabilities.

    Redirect URL to NAS login page

    • QNAP recommends disabling this feature to prevent your NAS system from being exposed to the public.

    • If you have disabled the Web Server and entered the NAS IP address without the system port, the URL will be redirected to the NAS login page.


    You can check the web server settings by going to Control Panel > Applications > Web Server.

    Select this option to enable redirecting the URL to the NAS login page.

  3. Click Apply.