I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be “Full”.

  • Synapse@lemmy.world
    link
    fedilink
    English
    arrow-up
    28
    ·
    10 months ago

    It sounds like you made your Jellyfin server public-facing, which is probably not what you want, even though it is supposed to be secured.

    I recommend that you setup access through an exclusive and private connection of some kind. E.g: VPN, Tailscale, ZeroTier.

    • nolight@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      16
      ·
      10 months ago

      Thanks! No, that’s exactly what I wanted to do :) I was just wondering if it’s okay to have this many random requests, which seems to be fine.

      • Synapse@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        10 months ago

        Understood. Any public-facing server will be bombarded by bots. You need to deploy measures to avoid being hacked:

        1. Firewall: lockdown everything, allow only the strict necessary
        2. Remote login/SSH: update default username and pasword, only allow remote login using Encryption Key authentification
        3. (Optional) configure fail2ban to slowdown the attacks
        4. Keep your server up-to-date: configure auto-update, unattended-update or similare
        5. Setup and keep regular backups: be ready to nuke your server at anytime, with the confidence you can restart fresh in a short time and low effort

        Obviously, there are many other security steps that can be put in place, but firewall and ssh hardening are absolutely mandatory

          • skankhunt42@lemmy.ca
            link
            fedilink
            English
            arrow-up
            7
            ·
            10 months ago

            Being up to date is VERY important. There’s a bunch of sites out there that scan the entire internet endlessly and keep information about each IP up to date. For example go here and search your IP.

            https://search.censys.io/

            When a vulnerability is found, attackers will go to sites like these and look for anything to hack. If you don’t update more or less immediately, you’re at huge risk.

            Other then that, everyone else is right. Being available to the public means you’re going to have bots scanning you and sending random trash. The only thing you can do is try and block it (fail2ban) or limit it (block certain countries) but at the end of the day its the software that gets the packets (jellyfin) that you need to trust to be secure and discard random junk.