2024-03-05, 05:25 PM
Hi all, recent PLEX convert here. I know the popular solution is to use reverse proxy with caddy / letsencrypt... That being said, I have this working already but want to make sure its really secure. Windows host machine/server using build 10.8.13, I was able to set up DDNS with a generated SSL certtificate (part of a DDNS package I was already paying for so I figured why not), I got the cert generated and imported into Jellyfin and everything is working. I can connect to my Jellyfin server externally over HTTPS in a browser and it shows secure. I have ports on my router open on 443, 80, and 8920 which all point back to the Jellyfin server. In the Jellyfin server's networking settings have "Enable HTTPS" and "Require HTTPS" (the section where the cert is imported into) both checked off. I have not removed the HTTP port number (8096) from the sections where that is listed. I assumed it was not necessary because HTTPS is forced/required in the options above.
I CAN navigate to the server locally via browser/local IP and login when trying to connect using port 8920, but there is the site not secure warning. Accessing via HTTP/8096 redirects me to the login page/HTTPS. Not too concerned about this.
I CAN navigate to the server via external IP addres and port 8920. It allows me to log in, but again there is the site not secure warning. Trying to navigate to the external IP with HTTP/8096 refuses the connection. This is concerning to me.
My assumption is when someone connects to me externally, via URL, it is a secure connection and no ISPs can see what theyre watching off me. Am I correct?
My second question is for the external connection by IP, if someone got the IP address and HTTPS port number and connected to that, would that be an insecure connection? How is the server letting a login happen? Is encryption not taking place anymore? Is there something wrong in the settings I should take a look at?
I get that its a strech anyone would connect to me via direct IP, and have the login credentials to connect and stream something. I just worry about if there is a client/software connecting non-securely and an ISP being able to see the stream.
Thanks all for the time, and for helping a Jellyfin noob out!
I CAN navigate to the server locally via browser/local IP and login when trying to connect using port 8920, but there is the site not secure warning. Accessing via HTTP/8096 redirects me to the login page/HTTPS. Not too concerned about this.
I CAN navigate to the server via external IP addres and port 8920. It allows me to log in, but again there is the site not secure warning. Trying to navigate to the external IP with HTTP/8096 refuses the connection. This is concerning to me.
My assumption is when someone connects to me externally, via URL, it is a secure connection and no ISPs can see what theyre watching off me. Am I correct?
My second question is for the external connection by IP, if someone got the IP address and HTTPS port number and connected to that, would that be an insecure connection? How is the server letting a login happen? Is encryption not taking place anymore? Is there something wrong in the settings I should take a look at?
I get that its a strech anyone would connect to me via direct IP, and have the login credentials to connect and stream something. I just worry about if there is a client/software connecting non-securely and an ISP being able to see the stream.
Thanks all for the time, and for helping a Jellyfin noob out!