this post was submitted on 23 Oct 2023
29 points (100.0% liked)

Jellyfin: The Free Software Media System

5785 readers
1 users here now

Current stable release: 10.10.3

Community Standards

Website

Forum

GitHub

Documentation

Feature Requests

Matrix (General Information & Help)

Matrix (Announcements)

Matrix (General Development)

Matrix (Off-Topic) - Come get to know the team and blow off steam!

Matrix Space - List of all the available rooms on Matrix.

Discord - Bridged to our Matrix rooms

founded 4 years ago
MODERATORS
 

I am in love with my Jellyfin server (running in a Docker container) - it feels so nice to take back control over my media consumption again, after more than a decade in the land of streaming. So much, that I want to share this with my family.

So I was thinking of setting up a reverse proxy (Nginx Proxy Manager is what I have used before) and expose my Jellyfin-instance through that. However, I've seen several people be skeptical about this solution, instead opting for access through a VPN (I don't think that would be a good solution for some of my family members).

What are the potential pitfalls of setting it up this way, that makes people skeptical? Where could I go wrong, and what dangers would I expose myself to? As I understand it, this would only expose one port to the internet, direct all that traffic to the Nginx Proxy Manager, which then forwards traffic to specific ports internally on my home network, which sounds safe in my mind. Is it misconfiguration of the proxy manager I should be wary of? Or some exploits in the proxy manager?

you are viewing a single comment's thread
view the rest of the comments
[–] cyberwolfie@lemmy.ml 1 points 1 year ago

I think I equated denial-of-service with DDOS, and didn't consider isolated DOS attacks. Makes sense that there are people who would do that for kicks and giggles. I'll look into what protection options I have on my router firewall. There were some suggestions below on keeping a strict IP whitelist policy, which if implemented successfully would lower the risk of any such attack at least. I am just imagining that it might be quite a hassle maintaining such a policy, at least in the beginning.

To be honest, you’re probably going to get more trouble from your relatives than you will from a malicious actor.

Hehe, it is hopefully too many I will share this with, so I hope the burden won't be too big.