I recently installed Photos II on my new Duo v2. I set everything up as per standard settings and sent out a test invitation to a 'test' album.
My brother in law (an IT engineer) rang me straight away after trying the invite, to tell me that my public IP address was being port forwarded, allowing him to use the IP address to access the admin login page for the NAS unit itself. He was able to bring up the login page, asking him to provide a user name and password!
His major concern was that hackers would be able to easily access our home network, as the IP address if known allows them to come past the router into our network and thus access all machines, files etc that are connected.
I have now disabled uPnP and disabled Photos II. I would like to remove the add on completely after this, but the option to remove it is greyed out. Why would that be?
Does this sound like a valid security issue, or is he mistaken? I only know the basics of setting up small networks.....