Assuming the user will not be connecting over vpn, but is both remote and non-technical, how would you expose Jellyfin to them securely?

  • nibbler@discuss.tchncs.deEnglish
    3·
    6 hours ago

    If client certificates and basic auth is not supported by jellyfin:

    • reverse proxy
    • strong random subdomain
    • wildcard certificate
    • tls1.3 only
    • doh/dot only

    1-3 make random scanners unable to find your service, 4&5 even hide it from your ISP. Dot/doh service will still know your subdomain, so be your own dot/doh ! :D

    • Jason2357@lemmy.caEnglish
      1·
      58 minutes ago

      I’m no expert, but an unguessible URL path is similar but not visible to DNS. Could do both.