this post was submitted on 26 Jun 2025
364 points (98.4% liked)

Selfhosted

46672 readers
1740 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
364
Jellyfin over the internet (startrek.website)
submitted 23 hours ago by TribblesBestFriend@startrek.website to c/selfhosted@lemmy.world
202 comments fedilink hide all child comments
 

What’s your go too (secure) method for casting over the internet with a Jellyfin server.

I’m wondering what to use and I’m pretty beginner at this

you are viewing a single comment's thread
view the rest of the comments
[–] borax7385@lemmy.world 4 points 21 hours ago (1 children)

I have had Jellyfin directly open to the Internet with a reverse proxy for years. No problems.

[–] pHr34kY@lemmy.world 3 points 19 hours ago* (last edited 19 hours ago) (1 children)

If your reverse proxy only acknowledges jellyfin exists if the hostname is correct, you won't get discovered by an IP scanner.

Mine's on jellyfin.[domain].com and you get a completely different page if you hit it by IP address.

If it does get found, there's also a fail2ban to rate-limit someone brute-forcing a login.

I've always exposed my home IP to the internet. Haven't had an issue in the last 15 years. I'm running about 10 public-facing services including NTP and SMTP.

[–] douglasg14b@lemmy.world 3 points 17 hours ago

Please to see: https://github.com/jellyfin/jellyfin/issues/5415

Someone doesn't necessarily have to brute Force a login if they know about pre-existing vulnerabilities, that may be exploited in unexpected ways