Disable NAS redirect to remotewd.com?

MyCloudEX2 Ultra redirects to a remotewd.com address after loading the website from the LAN IP address. How can I disable this on the NAS?

1 Like

There is no method offered by WD to do this. You could make a change on the device but it would be wiped likely with the next update. You could look at what address the device checks before using the remotewd.com domain and block that from your router which might ensure the device never uses it.

That said, not sure the benefit or concern that would drive you to stop using it? The remotewd.com address simply uses DNS to tell your browser to look for your device using the local IP within your network while using the domain to allow for the SSL certificate to be issued for your device and thus protect your connect to it.

I have disabled Internet access for the NAS. It’s a redirect from the web interface.

The script is freely visible from chrome. Even though WD tries to label their html as “trade secret”, which is utter nonsense. If there’s no way to actually turn off the script. I’ll have to do it by hand. This is a highly undesired “feature” I do not want my NAS reaching out to WD every single time I have to configure something.

1 Like

btw I have it redirected too initially after upgrade, but then by an unrelated reason I needed to change my RAID array mode and to restore the default settings of the device. After that, my EX4100 no longer redirects to remotewd. I am on 5.06.115. Any idea what script actually does the redirect - I want to figure out what changed. Thank you!

There’s a bit more going on here. The NAS is accessing the cloud regardless if the cloud settings are turned off. check your logs using ssh. specifically /var/log/wdpublic.log

RestSDK appears to be hitting the cloud endlessly. It’s filling the log files up. I actually got my NAS to stop accessing the redirect by blocking its Internet access in my router. Then reboot the NAS. It will stop redirecting.

I have a Wd ex4 pr4100 - My cloud keep connecting to remotewd.com.
my cloud keep connecting to remotewd.com instead of local ip
can’t connect like before with explorer on windows or with “RUN” typing \ip
can create shared mapped folder but next reboot, it says “too many connections”, even tho i am connected to my nas only from one device!!!
says: you need administrative permissions and too many server connections, WTF? can’t use my nas anymore.
did a clean restore, created new shares, did everything i could.
how can i change that "remotewd to the normal login, where i see in my browser only the nas ip?
that western digital 5 firmware is a disaster and for sure wd nas is a keep a live big problems since i bough it.
shame on you WD western digital. western digital products are not good, to many problems with your firmwares since i bout my pr4100.
will never buy western digital again!!!

1 Like

I’m also not a fan. I put off the update for sometime but instantly regret it. Now I’m trying to find a way to revert back to the old way of logging in. honestly, I feel somewhat deceived. Has anyone found a way to disable the script, even by hand?

Looks to be explained what why and how here:

But not how to turn it off. Sorry.

1 Like

Yes. . . the HOW is explained well enough for me (and a number of others) to want NO PART of the redirect functionality.

At this point, I am pretty sure that this “feature” is here to stay; and is one of 3 or 4 reasons I have not even powered on my OS/5 NAS since the start of the year.

They just don’t give a **** for your privacy or YOUR data. Have you actually read the EULA? It’s basically no longer YOUR data that you store. I hope WD follows the example of google and rethinks privacy…

I will certainly skip this “update” because of that.

I notice this behavior as well. Like others, I find this change a problem.
it’s not only unexpected, it’s a potential security risk.

I bought the product with the expectation that I could PREVENT any network traffic from exposure to the internet. In other words if I have the cloud feature turned off, the only network traffic that the NAS should be sending back to wd.com websites is a check for the firmware. And that should even be blocked if I have automatic updates turned off.

And also, what’s with the dialog box asking us if we want to submit metadata to help improve the product? That’s not necessary.

The address format I’m seeing now is
https://device-SOME_UNIQUE_ID dot remotewd dot com

This means that whatever data I send “to the device”, such as changes in settings, PASSWORDS, etc… are potentially being sent to remotewd.com first instead of directly to the NAS?!? What?

There is only one reason why a node on the network would need to create a unique web address and map it to the a network interface, and that reason is to set up a configurable DNS like function. One day the traffic goes to the NAS directly, and then after that … to wherever the NAS wants it to go to. It’s a simple matter of telling the NAS to turn OFF the name resolution, and presto … the traffic starts flowing to some computer outside the network the NAS is on.
I notice that the special remotewd dot com address is NOT in the NAS /etc/hosts file. So … um … what feature on the NAS is managing that lookup? Good grief this is a security hole you could drive an aircraft carrier through.

It’s pretty obvious that the UUID in the web URL is a unique identifier for my specific NAS.

None of this is OK. If I had known this device was going to override my settings and consult with WD servers (ESPECIALLY when using the browser based interface) would not have bought it.

In my view WD must address this pronto. It’s a very serious problem.

EDIT #1: I ran trace route on the address, and it appears that for the moment the NAS has set up a specific routing table to route the address to remotewd com to resolve to the NAS address. This is weird, because I specifically set the device name to something else. I don’t feel it’s appropriate for the NAS to be substituting its own hostnames for the one I selected.

1 Like

I did some research on this and I found something from the support staff that tries to address this issue
https://community.wd.com/t/my-cloud-os-5-https-redirects/259031/3

Looks like others in this thread found the same link and mentioned it.

I understand they are trying to be helpful, but this is a super horrible idea. I must have, at all times my NAS hostname to ONLY be the hostname I select in the settings. Thanks.

1 Like

Is there no official word on this? I just upgraded last night and was stunned to see this redirect. I worried it was a virus or something. It’s not, but I don’t like pinging WD every time I want to access my admin…and it makes me wonder what other data they’re privy to.

Not good, WD.

Hello, firmware 5.11.112 added the option for user to turn off the HTTPS redirect for access from the web configuration dashboard.

http://os5releasenotes.mycloud.com/#/

2 Likes

Thank gawd hahah…I didn’t see the option.
Performance on https was abysmal and made using the drive almost impossible. The website was timing out and I was having lots of errors. I just turned off https and everything (so far) is speeding along as expected.

EDIT:
I’m wrong. Maybe it’s because of the ENDLESS indexing, but the drive is now so slow and unresponsive as to be almost unuseable. I’m kinda scared because I have important data there. It’s not even letting me turn off cloud access for some reason. Thanks WD

I found this conversation thread as I recently firmware upgraded my WD and found when I logged in I was redirected to an Internet domain (FQDN) instead of the local LAN IP of my WD device. I was concerned as I didn’t understand what was happening… so I looked into it.

Not sure if these posts are monitored by WD or not, but I’m surprised that no one from WD has pointed out that the custom DNS WD create for your WD device actually resolves to the Internal IP of your WD device. It doesn’t point to the Internet at all.

As such, if any storage data is leaving the WD device and traversing the Internet, it is not due to this custom DNS.
The login screen you see is rendered by your WD device and the communication is directly between your computer and your WD device. When you login, the credentials are going from your computer to the WD device direct over your LAN.

What WD have done is created an actual Internet DNS entry so HTTPS can be supported. (HTTPS requires a certificate which requires an actual domain name.)
You can see the custom DNS name points to the LAN IP of your WD device yourself by simply pinging the custom DNS name created for your WD.
You’ll see it resolves to the LAN IP of your WD device, and not an Internet IP.

I’m not supporting WD or saying what they are doing is right, I’m just saying that I think most of the fears being expressed here about private data going out over the Internet are unfounded based on what I’m seeing with my WD device and this custom domain they created.

At worst, the only data WD could be collecting is the LAN IP of your WD device (which is mostly useless to them) and possible they might be able to see how often the DNS name gets queried, but even this would be useless info to anyone.

The point to be made here is, just because it looks like an internet domain doesn’t means it points to the internet.

Greg

1 Like

just checking in. this is still an issue.

Just put the long string “device-local…remotewd.com” in your local hosts file with the address of your mycloud and make that address static. Then running the admin GUI will no longer need to do DNS lookups to find the address.

Just to be clear… it is no redirect.

The URL is locally used and translates into the local IP of your home server. The “.remotewd.com” part of the URL is needed so a valid certificate can be used for the secure (HTTPS) link between your local cliënt and your local host, there is no traffic going outside your LAN on this feature. So blocking this domain is no problem.

You can check the certificates used by clicking on the small hanging lock in you browser (Chrome). You will see that the root certificate is one from LetsEncrypt.

Cheers :slight_smile:

1 Like

To solve this issue, go to Settings, Network, Web Dashboard Services – click HTTPS Redirect (turn off). It will log you off. You will need to log back in. You’ll see your original IP Address after that.

2 Likes