Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla…
Collection of potential security issues in Jellyfin This is a non exhaustive list of potential security issues found in Jellyfin. Some of these might cause controversy. Some of these are design fla…
Your smart TV is (presumably) on your local network, so you should be routing the requests locally (point the client at the local ip, assuming it didn’t autodiscover it) not through the VPN/ tunnel.
often, but not always. sometimes the TV is at a different house, when you are a guest or at a second property
Or even just on a differently vlan that you want to go through your reverse-proxy because that is where your security features are to separate you from shit you don’t trust.
In which case there are still ways to make it work, like putting in an SSO bypass rule for the IP of your other property. Point is, under no circumstances is it impossible to both have it be protected against scanning attacks like the ones described in the gh issue, and keep it available to use over the internet for authorized users.