I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?

  • λλλ@programming.devOPEnglish
    3·
    1 day ago

    SSO plugin is good to know about. Does that address any of the issues with security that someone was previously talking about?

    • Batman@lemmy.worldEnglish
      2·
      1 day ago

      I’d say it’s nearly as secure as

      basic authentication. If you restrict deletion to admin users and use role (or group) based auth to restrict that jellyfin admin ability to people with strong passwords in keycloak, i think you are good. Still the only risk is people could delete your media if an adminusers gmail is hacked.

      Will say it’s not as secure as restricting access to vpn, you could be brute forced. Frankly it would be preferable to set up rate limiting, but that was a bridge too far for me

      • Appoxo@lemmy.dbzer0.comEnglish
        2·
        18 hours ago

        I set mine up with Authelia 2FA and restricted media deletion to one user: The administrator.
        All others arent allowed to delete. Not even me.