this post was submitted on 22 May 2026
Honest question, because I know multiple people who are not looking to jump ship since they already have the Plex Pass.

[–] douglasg14b@lemmy.world 25 points 3 weeks ago* (last edited 3 weeks ago) (3 children)

Problem is access outside your home for family and friends.

There are serious security gaps that make it a non starter to expose to the internet.

I've been using Jellyfin ever since they forked out of Emby, and honestly, it's the biggest complaint that I have. It is incredibly difficult to make it available to friends and family who are on various devices, networks, so on and so forth.

Whereas Plex "just works."

[–] uthredii@programming.dev 2 points 3 weeks ago (1 children)

Why not use a zero trust VPN like netbird? It is fully open source.

You can create a reverse proxy that requires a password to get through to Jellyfin. I think there is a limit of like 5 for this though (unless you pay or self-host).

[–] Nibodhika@lemmy.world 6 points 3 weeks ago

Because clients would probably fail if there's an authentication layer in front that they're not expecting.

[–] hexabs@lemmy.world 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Wait what? I have been sharing my Jellyfin using a Cloudflare tunnel to the endpoint.

Could you elaborate on the security gaps? How can I pen-test myself to see if I'm vulnerable?

[–] Nibodhika@lemmy.world 5 points 3 weeks ago (1 children)
[–] hexabs@lemmy.world 1 points 3 weeks ago

Thanks, I guess I am mostly ok with these.

[–] karlhungus@lemmy.ca 1 points 3 weeks ago (1 children)

What security gaps in particular? I did have to reverse proxy to get it to https, are there additional security issues?

[–] douglasg14b@lemmy.world 2 points 3 weeks ago (1 children)

Exposed endpoints that have no authentication and various other things like that.

It's application level security issues.

There is an older collation here: https://github.com/jellyfin/jellyfin/issues/5415

[–] karlhungus@lemmy.ca 1 points 2 weeks ago* (last edited 2 weeks ago)

thanks; for anyone looking, the issues have been split out at the bottom, none of them are addressed as of this writing. I don't know that I feel like they are that serious (most of them allow you to play things if you know an ID), but they are the kind of thing you'd see in a project where there are bigger security issues.