Don't expose it to the internet unless you know what you're doing, or put it on a VPS you don't care about.
Ideally keep it behind a VPN and give your family members access to it that way, and let local devices on your LAN connect to it without a VPN.
TLS is a must-have. They don't bother doing any kind of password hashing on login. It's sent in cleartext.
Those are fine ideas.
But I'm not all about getting something like Tailscale to work with my elderly mother's Roku device, nor teaching her how to use it.
I put mine behind Caddy on a long unguessable path prefix. So that acts as a sort of password that you need to know before you can access it at all. So far it's seemed to work great. The advantage to using a path prefix vs like Caddy basic auth is that it's compatible with all the normal Jellyfin clients.
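
One way to lay out the path-prefix setup described in the last comment, as an added example and not the poster's own config. The hostname, the prefix value and the upstream address are constructed placeholders, and it assumes Jellyfin's Base URL (Networking settings) is set to the same prefix so the proxy does not have to rewrite paths.

```caddyfile
# Constructed example: replace the hostname and prefix with your own values.
# Generate the prefix from a CSPRNG, e.g. `openssl rand -hex 24`.
jellyfin.example.com {
	# Caddy obtains and renews a certificate for a public hostname
	# automatically, so the prefix and the login both travel over TLS.

	# Match the bare prefix and everything under it, but not
	# look-alike paths such as /<prefix>extra.
	@secret path /REPLACE-WITH-RANDOM-PREFIX /REPLACE-WITH-RANDOM-PREFIX/*

	handle @secret {
		# Assumption: Jellyfin listens locally on its default HTTP port
		# and has Base URL = /REPLACE-WITH-RANDOM-PREFIX.
		reverse_proxy 127.0.0.1:8096
	}

	# Everything else gets a plain 404, so a request without the
	# prefix never reaches Jellyfin.
	handle {
		respond 404
	}
}
```

The prefix is part of every request URL, so anything that records URLs (proxy access logs, client history) holds it; changing it means updating the matcher, the Base URL and each client's server address together.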