Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?
Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?
Cloudflare. Just make sure to disable caching
How do you get the mobile app to connect?
I just type the URL
I have Cloudflare set up without Auth. Just region locked to my country
So it’s just a solid reverse proxy with a bunch of features and an added layer with white listing.
I know whitelisting isn’t security per say but it’s good enough
Idk if geo whitelisting is really good enough. I can’t speak for OP, but I’m in the same position and I don’t. I had high hopes for the post but everyone seems to just brush over the “secure” part
What are you afraid of?
My jellyfin runs in a a rootless podman container
I’m afraid of security bugs in the software I’m using, so that containers don’t contain, read-only doesn’t prevent writing, mounting directories doesn’t restrict access to those directories, etc.
I’m a nobody, I can’t imagine anyone targeting me or my random domain, but I can imagine getting swept up in a net of attacks of opportunities targeting hosted software with known vulnerabilities, or injected supply chain vulnerabilities, so I want to reduce my attack surface as much as I can (while still actually letting the people I want to access it actually access it)
Then don’t expose anything on the internet