I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Scary le Poo@beehaw.org · 3 months ago

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Powderhorn@beehaw.org · 3 months ago

Who has the technical wherewithal to run Jellyfin but leaves access on the open web? I get that sharing is part of the point, but no one’s putting their media collection on an open FTP server.

The level of convenience people expect without consequences is astounding. Going to be away for home for a few days? Load stuff onto an external SSD or SD card. Phoning home remotely makes no sense.

Kusimulkku@lemm.ee · 3 months ago

Friends, family using Jellyfin is the reason many have it directly available (and not behind VPN for example).

LandedGentry@lemmy.zip · edit-2 3 months ago

deleted by creator

PolarisFx@lemmy.dbzer0.com · 3 months ago

They jacked their prices, or are about to anyway. If you don’t have a lifetime Plex pass then Plex might not be a viable option. My seedbox provider has been pushing people to Jellyfin for anyone without a Plex pass.

LandedGentry@lemmy.zip · edit-2 3 months ago

deleted by creator

PolarisFx@lemmy.dbzer0.com · 3 months ago

I thought I had a lifetime Plex pass, but turns out I was on yearly and the price went up $20/year, so I bought lifetime before the price went up. My whole family uses Plex, I couldn’t handle setting up Jellyfin for everyone and their devices.

LandedGentry@lemmy.zip · edit-2 3 months ago

deleted by creator

Flax@feddit.uk · 3 months ago

Doesn’t have a sync play feature like Jellyfin does

LandedGentry@lemmy.zip · edit-2 3 months ago

deleted by creator

ReversalHatchery@beehaw.org · edit-2 3 months ago

thanks but no. I like my privacy more

LandedGentry@lemmy.zip · edit-2 3 months ago

deleted by creator

ReversalHatchery@beehaw.org · 3 months ago

I’m not exposing jellyfin, but for sure I wouldn’t let my plex server even see the internet (I bet iy wouldn’t even work that way).

jellyfin is perfectly accessible everywhere it needs to be. been using a VPN on my phone for ages for all traffic.

Omgboom@lemmy.zip · edit-2 3 months ago

I get that sharing is part of the point, but no one’s putting their media collection on an open FTP server.

You would be very wrong about that. You can even search open FTP servers using Google

http://palined.com/search/

Powderhorn@beehaw.org · edit-2 3 months ago

OK. I’ll revise. No one with any sense is doing this. “Hi, RIAA and MPAA, come after me” is an asinine approach. I realize we have at least one generation unfamiliar with Napster, KaZaa and LimeWire, which replaced ratio FTP servers (which in turn replaced F-Servs in IRC). This is terrible online hygiene. You don’t leave your media out there for all to see. At least password protect access before linking to your friends.

jarfil@beehaw.org · 3 months ago

The typical guides for installing Jellyfin and friends, stop at the point where you can access the service, expecting you to secure it further.

Turns out, the default configuration for many (most) routers, is to allow external access to anything a local service will request it to allow, expecting you to secure it further.

Leaving it like that, is an explosive combo, which many users never intended to set up, but have nonetheless.

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Collection of potential security issues in Jellyfin · Issue #5415 · jellyfin/jellyfin