100
Random requests to my private Jellyfin instance (lemm.ee)
submitted 7 months ago by [email protected] to c/[email protected]
30 comments fedilink hide all child comments

I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I'm not sure how secure it is, and I keep getting random requests from all over the world. It's my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be "Full".

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 26 points 7 months ago

It sounds like you made your Jellyfin server public-facing, which is probably not what you want, even though it is supposed to be secured.

I recommend that you setup access through an exclusive and private connection of some kind. E.g: VPN, Tailscale, ZeroTier.

[-] [email protected] 16 points 7 months ago

Thanks! No, that's exactly what I wanted to do :) I was just wondering if it's okay to have this many random requests, which seems to be fine.

[-] [email protected] 14 points 7 months ago

Understood. Any public-facing server will be bombarded by bots. You need to deploy measures to avoid being hacked:

  1. Firewall: lockdown everything, allow only the strict necessary
  2. Remote login/SSH: update default username and pasword, only allow remote login using Encryption Key authentification
  3. (Optional) configure fail2ban to slowdown the attacks
  4. Keep your server up-to-date: configure auto-update, unattended-update or similare
  5. Setup and keep regular backups: be ready to nuke your server at anytime, with the confidence you can restart fresh in a short time and low effort

Obviously, there are many other security steps that can be put in place, but firewall and ssh hardening are absolutely mandatory

[-] [email protected] 2 points 7 months ago

Thank you, these are great tips!

[-] [email protected] 7 points 7 months ago

Being up to date is VERY important. There's a bunch of sites out there that scan the entire internet endlessly and keep information about each IP up to date. For example go here and search your IP.

https://search.censys.io/

When a vulnerability is found, attackers will go to sites like these and look for anything to hack. If you don't update more or less immediately, you're at huge risk.

Other then that, everyone else is right. Being available to the public means you're going to have bots scanning you and sending random trash. The only thing you can do is try and block it (fail2ban) or limit it (block certain countries) but at the end of the day its the software that gets the packets (jellyfin) that you need to trust to be secure and discard random junk.

load more comments (2 replies)
this post was submitted on 29 Jan 2024
100 points (97.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

53939 readers
366 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

💰 Please help cover server costs.

Ko-FiLiberapay

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]