Do you know if having authelia as middleware for jellyfin solves this issue?
Comment on Is it normal to not have any malicious login attempts?
Flipper@feddit.org 1 week agoIt’s possible to stream from jellyfin without an account. Jellyfin should not be connected to untrusted networks, like the internet. Several API just don’t check the key or don’t require one in the first place.
greenashura@sh.itjust.works 1 week ago
clb92@feddit.dk 1 week ago
Not the person you asked, but I simply put Authelia in front of Jellyfin via my reverse proxy (not using OAuth to integrate with Jellyfin), and that means that you have to be authenticated for any request on my jellyfin subdomain to be able to reach my Jellyfin server. Probably means I can’t connect via the app remotely, only browser, but then I can just use my VPN and connect directly to the local IP.
Hansae@lemmy.dbzer0.com 1 week ago
Oof, ty for that ill get to remedying it.
bobs_monkey@lemm.ee 1 week ago
Iirc Jellyfin isn’t exactly intended to be operated outside of your home network like Plex is. There are workarounds of course, but the onus is on the user to secure it.