Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla…
Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla…
I think you can IP whitelist who can access it no? That should solve any problems
There is zero (0) chance of an attacker to know and then spoof address of your friend unless you have even bigger problems. Good filter should simply not respond to any packets making very existence of exploitable site undetectable.
Wrong use case, the expected one is friends and family watching stuff on your Jellyfin server from different homes, potentially through mobile, all with dynamic IPs
Perfect use for allowlisting based on dynamic DNS hostnames.
is that a feature in Jellyfin? and since when do all ISP subscribers have names in DNS?
You would set up the allowlist in your firewall. There are plenty of free options for dynamic DNS though not from any ISPs that I’m aware of.
oh, in your firewall. I think I can count the percents on one hand about how much of jellyfin users run a firewall applience besides it
deleted by creator
Does your friend have a static IP? Unlikely considering that you have to pay extra for a static IP.
We are lucky, we get two free. Technically they aren’t true static, its tied to MAC of your modem, or your router(s) – with ISP modem in bridge mode. You can pay for true static, but I have probably had the same IP for 5 years, and same with the modem/routerbeforre this one.
@Emmie @Scary_le_Poo That depends on the ISP, there’s still some out there that will give you one for free.