• tiz@lemmy.ml
    7 upvotes, 1 downvote · 12 hours ago

    Don’t reverse proxies like Pangolin just do the job? Does it have to be a VPN in this particular concept? A VPN isn’t like immune to vulnerabilities.

    • radar@programming.dev
      21 upvotes · 11 hours ago

      A reverse proxy doesn’t really get you much security. If there is an application-level issue, a reverse proxy will not help.

      • whimsy@lemmy.zip
        2 upvotes · 5 hours ago

        Hmmm, I’m a bit rusty on this but can’t one put an auth gate in front of the application, handled by the reverse proxy?

        • radar@programming.dev
          3 upvotes · 5 hours ago

          You can, and that would actually give you security. Not sure how many people do that. I assumed a straight reverse proxy without any auth.

    • r00ty@kbin.life
      11 upvotes · 11 hours ago

      A reverse proxy will let anyone connect to it. With a VPN, you can create keys/logins for your intended users only. Having said that, from what I could see, nothing in the security fixes was to do with authentication. I think (just from a cursory look) they could only be exploited, if at all, from an authenticated user session.

      But personally, something like Jellyfin, where the number of people I want to be able to access it is very limited, stays behind a VPN. Better to limit your potential attack surface as much as you can.

    • ohshit604@sh.itjust.works
      3 upvotes · 10 hours ago

      Pangolin is based off of Traefik if I’m not mistaken, so you should be able to use Traefik’s IP-Allowlist middleware to blacklist all IP addresses and only whitelist the known few.
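
The allowlist approach from the last comment, written as a plain Traefik v3 dynamic configuration. This is an added example, not taken from the thread or from Pangolin; how Pangolin exposes Traefik middlewares is not covered here, and the hostname, addresses, middleware/router names and the `websecure` entry point are assumptions.

```yaml
# Traefik v3 dynamic configuration (file provider).
# All names and addresses are constructed placeholders.
http:
  middlewares:
    known-clients:
      ipAllowList:
        # Requests from any other source address are rejected (403 by default).
        sourceRange:
          - "10.8.0.0/24"       # constructed: home LAN / VPN subnet
          - "203.0.113.17/32"   # constructed: one known remote client
        # Without ipStrategy, Traefik matches on the TCP peer address.
        # If Traefik itself sits behind another proxy or CDN, that peer is
        # the proxy, so every client would match (or none would). In that
        # case select the client address from X-Forwarded-For instead:
        # ipStrategy:
        #   depth: 1            # 1 = right-most entry in X-Forwarded-For

  routers:
    jellyfin:
      rule: "Host(`media.example.org`)"   # constructed hostname
      entryPoints:
        - websecure             # assumed to be defined in the static config
      middlewares:
        - known-clients         # the allowlist is applied before the backend
      service: jellyfin
      tls: {}

  services:
    jellyfin:
      loadBalancer:
        servers:
          - url: "http://127.0.0.1:8096"   # Jellyfin's default HTTP port
```

An address allowlist narrows who can reach the service at all, which is the attack-surface point made earlier in the thread; it does not identify individual users the way VPN keys or a proxy-level auth gate do.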