If I reverse proxy, is it ok to leave Jellyfins internal port as default?

I do have proper protections + encryption in place, and I get security through obfuscation isn’t good, but I was told if you have good security it can’t hurt to change it, but since my reverse proxy is not running on 8096, is it ok to leave Jellyfin as the default?

If you’re exposing the jellyfin port directly on your public IP, then you’ve effectively bypassed the reverse proxy and it’s benefits. If you’re only exposing ports 80/443 to your reverse proxy and your Jellyfin port is only accessible on the internal LAN, then in the large majority of cases it’s fine. I assume the number of people who change the Jellyfin port is pretty small

Won’t be 80/443, something like example: 6000 with a let’s encrypt cert on it

The number itself doesn’t matter. As long as the only ports you have publicly available are your reverse proxy and not your Jellyfin instance directly the JF port doesn’t matter.