I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be “Full”.

  • Trent@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    ·
    11 months ago

    Any time I’ve ever had a server of any kind connected to the net it’s gotten endless ‘doorknob turning’ from bots scanning for stuff. At the very least, bots trying ssh passwords on common accounts.

    I don’t have any specific jellyfin advice, but random attempts from all over is pretty usual on the net these days.

  • Synapse@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    11 months ago

    It sounds like you made your Jellyfin server public-facing, which is probably not what you want, even though it is supposed to be secured.

    I recommend that you setup access through an exclusive and private connection of some kind. E.g: VPN, Tailscale, ZeroTier.

    • nolight@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      11 months ago

      Thanks! No, that’s exactly what I wanted to do :) I was just wondering if it’s okay to have this many random requests, which seems to be fine.