networking kind of goes over my head. how can I be sure my jellyfin setup is safe on my local network? installed on debian stable
TLDR; It’s local only by default.
Your router is what determines what has access to what. By default, things can access the internet on ports 80 (http) and 443 (https). Jellyfin has access to the internet to download metadata, art, etc. If you want to block this activity, I don’t know the answer to that.
Your router is split between LAN and WAN. Local Area Network (your house) and Wide Area Network (the world). LAN to LAN doesn’t have restrictions by default, which is why you can access Jellyfin on port 8096 while you’re connected to your home network.
LAN<->WAN has restrictions in place via your firewall. Your router has a default firewall. Some routers allow you to change the firewall rules. Firewalls are very important. Port 8096 is not forwarded to the WAN by default, and you have to change a setting in your router to do that.
thanks for the help! just the tldr I needed. not too long did read
If you haven’t done port forwarding on your router you’re fine.
I mean it should be pretty safe if it’s local only. If your network is compromised jellyfin is the least of your worries.
Switch to mobile data and put the public ip of your network and the jellyfin port in a browser and make sure it can’t be accessed
Check your router firewall and your comouter firewall