35

When I see this sort of thing, and other people are trying to do it, a reverse proxy or vpn is always mentioned. Heres my question:

How Dangerous is it to just open the port for it on my router and access it like that?

Lets say i want to access jellyfin from Kodi on my xbox or something outside my network, the vpn solution wouldnt work for this i would think.

My issue with reverse proxies, and why im asking, is it seems less secure? I mean Im well aware that an IP is easy to get, i guess. But how likely is someone to look for something on my network specifically? With reverse proxies it seems like i would be broadcasting my server to the internet in a way its easier to happen across, than someone being interested in a random residential IP.

I run a minecraft server for friends on my main computer anyway, and i know tons of people do that, theoretically thats the same level of danger as opening my network for jellyfin specifically.

VPN isnt an option because of this xbox stuff i mentioned and people in my family who have 0 chance of understanding it regardless.

So what is the better option, going through this reverse proxy ( which im actually also unsure would work with kodi) or rawdog the server on my network. I guess leaving the server exposed? or every device even.

you are viewing a single comment's thread
view the rest of the comments
[-] foonex@feddit.de 5 points 3 years ago

A reverse proxy does not magically make an insecure app secure.

[-] eddie@fig.systems 3 points 3 years ago

That's where nginx security options and other tools like fail2ban come into play. I could've mentioned it better in my first sentence but a reverse proxy gives the capability to make it more secure than any options jellyfin will give you.

I'd rather put nginx with modsecurity in front of jellyfin than not.

this post was submitted on 14 Jun 2023
35 points (97.3% liked)

Selfhosted

60644 readers
600 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS