this post was submitted on 26 Jun 2025
483 points (97.8% liked)

Selfhosted

60177 readers
932 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
483
Jellyfin over the internet (startrek.website)
submitted 1 year ago by TribblesBestFriend@startrek.website to c/selfhosted@lemmy.world
286 comments fedilink hide all child comments
 

What’s your go too (secure) method for casting over the internet with a Jellyfin server.

I’m wondering what to use and I’m pretty beginner at this

you are viewing a single comment's thread
view the rest of the comments
[–] 30p87@feddit.org 55 points 1 year ago (1 children)

fail2ban with endlessh and abuseipdb as actions

Anything that's not specifically my username or git gets instantly blocked. Same with correct users but trying to use passwords or failing authentication in any way.

[–] mosiacmango@lemm.ee 33 points 1 year ago* (last edited 1 year ago) (1 children)

Youve minimized login risk, but not any 0 days or newly discovered vulnerabilites in your ssh server software. Its still best to not directly expose any ports you dont need to regularly interact with to the internet.

Also, Look into crowdsec as a fail2ban replacement. Its uses automatically crowdsourced info to pre block IPs. A bit more proactive compared to abuseipdb manual reporting.

[–] Thaurin@lemmy.world 3 points 1 year ago

I have the firewall of my VPS reject any IP range except the ones I’m on frequently, that is mobile, home and work. Sucks when you travel, but otherwise works alright.

Still exposes ports to some people on the same mobile or home internet service networks…