- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure.
I’m no Plex fanboy but from what I’ve read Jellyfin auth leaves a lot to be desired from a security standpoint, particularly if you are opening it to the web. And chances are if your jellyfin server was breached, you wouldn’t get an email about it.
It’s simple, don’t open it to the web directly.
If you have the ability to make your server public you also have the ability to put Wireguard on it, and after initial setup it’s trivial to use it.
You shouldn’t really host publicly any service that you won’t be monitoring regularly for security incidents.
But I like sharing my plex library with people.
Jellyfin’s gonna be a bigger project than I thought I guess.
This is why I’m still on Plex. I would love Jellyfin to make that easy somehow but I get it.
That’s why I mentioned Wireguard is trivial. :)
On Android I can have the VPN active basically 24/7, it’s basically transparent in daily usage.
That does not fit my use case.
Or don’t open it to the web at all and just use it as a local streaming platform in your home.