2024-01-25, 04:13 PM
(2024-01-25, 04:08 PM)Efficient_Good_5784 Wrote:(2024-01-25, 01:53 PM)jschwar313 Wrote: The reason I was pursuing this is because I formerly used plex and I got a bunch of viruses from that. I heard about the LastPass breaking that was caused by plex being on an employee's machine, so I thought that this was the way to go. Is it still secure if I get metadata from the internet or do I have to stop that, too? I don't know a lot about networks and vulnerabilities. Thanks.If you're not going to use your server outside of your local network, don't worry about this.
Just because you can reach the internet and download things doesn't mean that the servers or people on the other end can connect to you (by default).
With or without a reverse proxy, fetching metadata requires your server to connect to external metadata providers. For a server to be compromised from the metadata, the metadata source would have to be compromised and modified by an attacker, then for the Jellyfin server to pull that modified metadata. A reverse proxy would not help here since the server itself initiated the connection first.
A reverse proxy only protects your server from people/bots trying to find it from the internet. It does nothing to prevent you or a program from downloading bad things since that's not the exact purpose of a reverse proxy.
Take a look at the beginning of this site, it might help you understand what a reverse proxy does too: https://www.zscaler.com/resources/securi...erse-proxy
Ooops. I marked the wrong thread as a solution. I don't understand why it's below the thread. Oh well. Sorry.