2023-11-30, 03:17 PM
(2023-11-30, 08:26 AM)Kubwa Wrote: Personally, i would highly recomment not making jellyfin publicly available. You never know if, maybe, somewhere in the code of Jellyfin, or the libraries it uses are zero day exploids.
Consider using a vpn like wireguard. There are clients for nearly all devices available.
Your logic would make it impossible to have anything publicly accessible because "you never know". Having said that, this is the reason we strongly recommend a reverse proxy in front of Jellyfin if you make it publicly accessible. Jellyfin is not hardened and having the reverse proxy in front of Jellyfin eliminates, or at least mitigates, most web based attack vectors.
Jellyfin 10.9.11
Ubuntu 24.04 LTS (bare metal)
Intel i3 12100 on Asus Prime H610M-E D4 mATX
32GB DDR4-3600
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
WD Green 3TB (Samba shares)
WD Red 3TB CMR (WIP Media, Test libraries)
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
Fractal Meshify 2
Corsair CX430
Ubuntu 24.04 LTS (bare metal)
Intel i3 12100 on Asus Prime H610M-E D4 mATX
32GB DDR4-3600
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
WD Green 3TB (Samba shares)
WD Red 3TB CMR (WIP Media, Test libraries)
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
Fractal Meshify 2
Corsair CX430