I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.
My SSL/TLS encryption mode appears to be “Full”.
Any time I’ve ever had a server of any kind connected to the net it’s gotten endless ‘doorknob turning’ from bots scanning for stuff. At the very least, bots trying ssh passwords on common accounts.
I don’t have any specific jellyfin advice, but random attempts from all over is pretty usual on the net these days.
It sounds like you made your Jellyfin server public-facing, which is probably not what you want, even though it is supposed to be secured.
I recommend that you setup access through an exclusive and private connection of some kind. E.g: VPN, Tailscale, ZeroTier.
Thanks! No, that’s exactly what I wanted to do :) I was just wondering if it’s okay to have this many random requests, which seems to be fine.
