Comment

I mean it WOULD work you would just need a von on every device you wanted to use.

The REAL answer is never host them DIRECTLY, always use a reverse proxy like nginx. Many projects (i believe jellyfin is one of them) explicitly recommend this for better security

source

Sort:hotnew top

Dultas@lemmy.world ⁨2⁩ ⁨days⁩ ago
Throw in fail2ban as well.

source
- LordKitsuna@lemmy.world ⁨2⁩ ⁨days⁩ ago
  Eh, i just use pubkey only Auth config (so password entirely disabled as an option) and put ssh on a non standard port to reduce script kid noise. (and no 2222 is not non-standard it may as well be the default)
  
  Fail2ban triggers false too often for my taste in a high traffic environment.
  
  source
essell@lemmy.world ⁨3⁩ ⁨days⁩ ago
Did you learn that about my jellyfin by looking at my post history or connecting to my server? 😀

It’d struggle a bit on some setups, like when I’m using the Jellyfin app on my GFs smart TV… Or explaining to a friend in Europe how to setup a VPN without breaking anything else on his network… It is a risk for sure.

I’m too tired right now to parse what you mean about the port forwarding. I guess the idea is to reduce the impact if Jellyfin were breached or exploited. If you’re up for it, can you explain more about why that relates to port forwarding?

source
- LordKitsuna@lemmy.world ⁨3⁩ ⁨days⁩ ago
  If you ran nginx as a non privileged user it wouldn’t be able to bind to 80/443 as those are privileged ports. So you would need to use iptables to forward them to an unprivlaged port
  
  source
  - essell@lemmy.world ⁨3⁩ ⁨days⁩ ago
    Ah, gotcha! Thanks.
    
    I feel like that information could have multiple implications in future. Thank you!
    
    source