I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be “Full”.

  • Synapse@lemmy.worldEnglish
    101·
    11 months ago

    Understood. Any public-facing server will be bombarded by bots. You need to deploy measures to avoid being hacked:

    1. Firewall: lockdown everything, allow only the strict necessary
    2. Remote login/SSH: update default username and pasword, only allow remote login using Encryption Key authentification
    3. (Optional) configure fail2ban to slowdown the attacks
    4. Keep your server up-to-date: configure auto-update, unattended-update or similare
    5. Setup and keep regular backups: be ready to nuke your server at anytime, with the confidence you can restart fresh in a short time and low effort

    Obviously, there are many other security steps that can be put in place, but firewall and ssh hardening are absolutely mandatory