2023-12-08, 05:17 PM
There have been, in the past, attacks on the handshake process weaken the resulting encryption. There are also several TLS ciphers that are weak that Jellyfin still offers to clients. Jellyfin has no way to turn those off or protect against some TLS attacks (read the wiki link below). But Apache/Nginx/Caddy do.
https://en.wikipedia.org/wiki/Transport_...y#Security
I also wrote a short guide to further enhance Apache and Nginx based on industry best practices.
https://forum.jellyfin.org/t-apache-ngin...ls-ciphers
https://en.wikipedia.org/wiki/Transport_...y#Security
I also wrote a short guide to further enhance Apache and Nginx based on industry best practices.
https://forum.jellyfin.org/t-apache-ngin...ls-ciphers
Jellyfin 10.9.7
Ubuntu 24.04 LTS (bare metal)
Intel i3 12100 on Asus Prime H610M-E D4 mATX
32GB DDR4-3600
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
WD Green 3TB (Samba shares)
WD Red 3TB CMR (WIP Media, Test libraries)
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
Fractal Meshify 2
Corsair CX430
Ubuntu 24.04 LTS (bare metal)
Intel i3 12100 on Asus Prime H610M-E D4 mATX
32GB DDR4-3600
Intel Arc A380
OS drive - SK Hynix P41 1TB
Storage
WD Green 3TB (Samba shares)
WD Red 3TB CMR (WIP Media, Test libraries)
3x WD Red Pro 6TB CMR in RAIDZ1 (JF Library)
Fractal Meshify 2
Corsair CX430