this post was submitted on 22 May 2026
210 points (97.7% liked)

Selfhosted

60210 readers
642 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
210
People who are staying on Plex, have you tried Jellyfin? What about it do you not prefer? (real question) (discuss.online)
submitted 1 month ago by kiol@discuss.online to c/selfhosted@lemmy.world
438 comments fedilink hide all child comments
 

Honest question, because I know multiple people who are not looking to jump ship since they already have the Plex Pass.

you are viewing a single comment's thread
view the rest of the comments
[–] douglasg14b@lemmy.world 19 points 1 month ago* (last edited 1 month ago) (3 children)

Problem is access outside your home for family and friends.

There are serious security gaps that make it a non starter to expose to the internet.

I've been using Jellyfin ever since they forked out of Emby, and honestly, it's the biggest complaint that I have. It is incredibly difficult to make it available to friends and family who are on various devices, networks, so on and so forth.

Whereas Plex "just works."

[–] hexabs@lemmy.world 1 points 1 month ago* (last edited 1 month ago) (1 children)

Wait what? I have been sharing my jellyfin using a cloudflare tunnel to the endpoint.

Could you elaborate on the security gaps? How can I pen-test myself to see if I'm vulnerable

[–] Nibodhika@lemmy.world 5 points 1 month ago (1 children)

https://github.com/jellyfin/jellyfin/issues/5415 nothing too serious, but here you go

[–] hexabs@lemmy.world 1 points 1 month ago

Thanks, I guess I am mostly ok with these.

[–] karlhungus@lemmy.ca 1 points 1 month ago (1 children)

What security gaps in particular? I did have to reverse proxy to get it to https, are there additional security issues?

[–] douglasg14b@lemmy.world 2 points 1 month ago (1 children)

Exposed endpoints that have no authentication and various other things like that.

It's application level security issues.

If there is an older collation here https://github.com/jellyfin/jellyfin/issues/5415

[–] karlhungus@lemmy.ca 1 points 1 month ago* (last edited 1 month ago)

thanks; for anyone looking, the issues have been split out at the bottom, none of them are addressed as of this writing. I don't know that I feel like they are that serious (most of them allow you to play things if you know an ID), but they are the kind of thing you'd see in a project where there are bigger security issues.

[–] uthredii@programming.dev 0 points 1 month ago (1 children)

Why not use a zero trust VPN like netbird? It is fully open source.

You can create a reverse proxy that requires a password to get through to jellyfin. I think there is a limit of like 5 for this though (unless you pay or self host).

[–] Nibodhika@lemmy.world 6 points 1 month ago

Because clients would probably fail if there's an authentication layer on front that they're not expecting.