this post was submitted on 08 Dec 2025
81 points (98.8% liked)

Selfhosted

60114 readers
726 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require your active participation in selfhosting or related communities, or the post will be removed. No more than 10% of your posts or comments may be self-promotional, or your post will be removed. F/LOSS Exception: If your post is about a project that is completely open source & can be self-hosted in full without payment, and your account is at least 30 days old, your post is exempt from this rule as long as you continue to engage in comments.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
81
What's the security situation when opening a jellyfin server up for casting? (feddit.nu)
submitted 6 months ago by lime@feddit.nu to c/selfhosted@lemmy.world
76 comments fedilink hide all child comments
 

when reading through the jellyfin with chromecast guide i realized that it would probably be less effort to just let the casting api be public, with the added bonus that i could then cast my library to any device that supports it. but that seems like it would paint a giant target on the server.

what's the recommended way of doing stuff like this? ideally i want to be able to go to someone's house and just play some of my media on their tv.

not that any of this is doable in the near future, since i'm behind cgnat and won't get my colocated bounce server up until spring.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] dogs0n@sh.itjust.works 1 points 6 months ago (1 children)

No problemo.

Thanks for pointing out the reverse proxy comment. I think I was wrong to say simply putting jellyfin behind a reverse proxy will increase your security.

The benefits may only be minute or non-existent if you don't use the reverse proxy for handling other stuff like HTTPS (and redirects to https, etc), restricting access or adding extra authentication requirements (mainly https).

It may also be good to note that Jellyfins docs explicitly do not recommend directly exposing jellyfin ports to the internet (a reverse proxy or using a vpn are recommended instead).

Still I will continue to feel safer always using a reverse proxy when I expose to the internet (maybe my misconceptions).

[โ€“] victorz@lemmy.world 2 points 6 months ago (1 children)

Thanks again, mate. So basically, if I'm exposing my junk to the world, and by junk I mean service(s), and by world I mean the open internet, I should do it using a reverse proxy and enable HTTPS, otherwise it's not really very secure? Would that be a reasonable takeaway?

Yet again, thanks. Especially for pointing out the things you (may) be not so sure about. That's admirable. ๐Ÿซก

[โ€“] dogs0n@sh.itjust.works 2 points 6 months ago (1 children)

Hehe yep, that's a good takeaway and the same as what I think.

Thank you too, i enjoyed this discussion.

[โ€“] victorz@lemmy.world 2 points 6 months ago

Awesome, same ๐Ÿ˜Š All the best to you buddy!