I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.

My SSL/TLS encryption mode appears to be “Full”.

  • Domi@lemmy.secnd.me
    link
    fedilink
    English
    arrow-up
    5
    ·
    11 months ago

    You can avoid these scans by only using wildcards on your DNS entries and SSL certificates.

    Both of these are commonly used by bots to find new domains.

    • lazynooblet
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      11 months ago

      Wildcard SSL subjects make sense as the certificate is public. But how does wildcard DNS help? They aren’t public other than the requests coming from the client which don’t use wildcard anyway.

      • Domi@lemmy.secnd.me
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        I would not depend on DNS records being private. On the off chance that one of the nameservers messes up, I would prefer if no subdomains are leaked.

        But you’re correct, most of the time those leaks happen somewhere else.