this post was submitted on 02 Apr 2025
69 points (100.0% liked)
Technology
38589 readers
286 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm not smart, can you tell me if having it behind a reverse proxy with certs and everything fixes any of these flaws?
Not unless the reverse proxy adds some layer of authentication as well. Something like HTTP basic auth, or mTLS (AKA 2-way TLS AKA client certificates)
For nginx: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
so if I add a user ”john” with password “mypassword” to video.example.com, you can try adding the login as: “https://john:mypassword@video.example.xn--com-9o0a/
Most HTTP clients (e.g. browsers) support adding login like that. I don’t know what other jellyfin clients do that.
The other option is to set up a VPN (I recommend wireguard)
You can't do that with jellyfin.
Basic auth doesn't work with jellyfin. Its a bug. Enable it on your reverse proxy, and jellyfin breaks. Devs closed it as wontfix
That sucks, good to know.
Looks like creating a VPN is the only option for securing jellyfin.