I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.
My SSL/TLS encryption mode appears to be “Full”.
Thanks! No, that’s exactly what I wanted to do :) I was just wondering if it’s okay to have this many random requests, which seems to be fine.
Understood. Any public-facing server will be bombarded by bots. You need to deploy measures to avoid being hacked:
- Firewall: lockdown everything, allow only the strict necessary
- Remote login/SSH: update default username and pasword, only allow remote login using Encryption Key authentification
- (Optional) configure fail2ban to slowdown the attacks
- Keep your server up-to-date: configure auto-update, unattended-update or similare
- Setup and keep regular backups: be ready to nuke your server at anytime, with the confidence you can restart fresh in a short time and low effort
Obviously, there are many other security steps that can be put in place, but firewall and ssh hardening are absolutely mandatory
Being up to date is VERY important. There’s a bunch of sites out there that scan the entire internet endlessly and keep information about each IP up to date. For example go here and search your IP.
When a vulnerability is found, attackers will go to sites like these and look for anything to hack. If you don’t update more or less immediately, you’re at huge risk.
Other then that, everyone else is right. Being available to the public means you’re going to have bots scanning you and sending random trash. The only thing you can do is try and block it (fail2ban) or limit it (block certain countries) but at the end of the day its the software that gets the packets (jellyfin) that you need to trust to be secure and discard random junk.
