I have a Jellyfin instance on my local server which I forward to the public web via a Cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be “Full”.

  • nolight@lemm.ee (OP) · 11 months ago

    Thanks! No, that’s exactly what I wanted to do :) I was just wondering if it’s okay to have this many random requests, which seems to be fine.

    • Synapse@lemmy.world · 11 months ago

      Understood. Any public-facing server will be bombarded by bots. You need to deploy measures to avoid being hacked:

      1. Firewall: lock down everything, allow only the strictly necessary
      2. Remote login/SSH: update default username and password, only allow remote login using Encryption Key authentication
      3. (Optional) configure fail2ban to slow down the attacks
      4. Keep your server up-to-date: configure auto-update, unattended-update or similar
      5. Set up and keep regular backups: be ready to nuke your server at any time, with the confidence you can restart fresh in a short time and low effort

      Obviously, there are many other security steps that can be put in place, but firewall and SSH hardening are absolutely mandatory.
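
Added example, not part of any comment in this thread: a Python check for item 2 of the list above that reads sshd_config text and reports global settings which still allow logins without a key. It assumes OpenSSH's documented defaults and does not evaluate Match blocks or Include files; both sample configs are constructed.

```python
# Added example: check sshd_config text against "key authentication only".
# DEFAULTS are OpenSSH's documented defaults; both sample configs are constructed.
DEFAULTS = {"passwordauthentication": "yes", "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes", "permitrootlogin": "prohibit-password"}
# Values that satisfy the advice for each keyword.
WANTED = {"passwordauthentication": {"no"}, "kbdinteractiveauthentication": {"no"},
          "pubkeyauthentication": {"yes"},
          "permitrootlogin": {"no", "prohibit-password", "without-password"}}
# Older name that sshd still accepts for the same setting.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def global_settings(config_text):
    """Parse global keywords; sshd keeps the FIRST value it sees for each one."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        if key == "match":  # conditional blocks are not evaluated here
            break
        if len(parts) == 2:
            seen.setdefault(key, parts[1].strip().strip('"').lower())
    return seen

def findings(config_text):
    """List effective settings that still permit non-key logins."""
    eff = {**DEFAULTS, **global_settings(config_text)}
    return sorted(f"{k} = {eff[k]}" for k in WANTED if eff[k] not in WANTED[k])

# Constructed sample: the later "no" is ignored because the first value wins.
WEAK = """\
Port 22
PermitRootLogin yes
#PasswordAuthentication no
PasswordAuthentication yes
PasswordAuthentication no
"""
# Constructed sample: key-only logins, no root login.
HARDENED = """\
PasswordAuthentication no
KbdInteractiveAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, findings(text) or "ok")
```

On a real host, `sshd -T` prints the effective configuration with Include files resolved, and its output can be passed to the same check.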