Carlo 4360 Posted November 25, 2021 Share Posted November 25, 2021 2 hours ago, pir8radio said: but yea it caused me headache in the beginning.. emby changed something, and the js was trying the old location because it was an old js file.. took me a bit to figure it out.. I had some of those "WTF" moments myself. Link to comment Share on other sites More sharing options...
Spaceboy 2557 Posted November 25, 2021 Share Posted November 25, 2021 that may also explain some of the historical issues i have had with CF and caching, although that was really to do with the 'arr's. i need to look at this advice and implement soon as well, thanks @pir8radio 1 Link to comment Share on other sites More sharing options...
Carlo 4360 Posted November 25, 2021 Share Posted November 25, 2021 @pir8radio and I both came at this differently I guess you could say without a template to work from and have both found all almost identical settings that work. Every once in a while Cloudflare makes some change (documented on not) that requires a tweak but other than that, these settings just flat out work. I'm currently running a couple Emby Servers through Cloudflare both tunneled and not tunneled on the same domain name. 1 Link to comment Share on other sites More sharing options...
Flexeire 5 Posted December 2, 2021 Share Posted December 2, 2021 (edited) This guide just saved my ass All iPhone, iPad, Apple TV, Fire tv and Smart tv users could not scrub, or resume playback correctly when the CF CDN was enabled. It was fine without it, but the peering was still bad. After following this guide the issue is now resolved!! instantly resolved. I had no idea CF was doing some weird caching of the Video as default that was screwing with the playback. Interesting the issue did not persist on Android TV apps, or web browsers. PS. Still don't see any HIT's showing in cf-cache-status yet, but like you said could take a while to show up Edited December 2, 2021 by Flexeire 1 Link to comment Share on other sites More sharing options...
Pog22 51 Posted December 2, 2021 Share Posted December 2, 2021 (edited) I'm not getting any hits at all. My Emby is on emby.mydomain.net how should I write my rules? 24 hours later not a single hit Edited December 3, 2021 by Pog22 Link to comment Share on other sites More sharing options...
igeoorge 26 Posted December 11, 2021 Share Posted December 11, 2021 Hi friends, Did you get the email from cloudflare talking about WAF? A snippet of the email: "As you may know, a zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021 that results in remote code execution (RCE). For all organizations using Log4j, you should update to version 2.15.0 as soon as possible. The latest version can be found at the Log4j download page. As a Cloudflare WAF customer, if the WAF is deployed on your traffic, you are automatically receiving mitigation against exploit attempts. Three newly deployed rules are already in place and were switched to a default action of BLOCK as of 14:15 UTC today." I'm a little lost. Should we do something on cloudflare? Link to comment Share on other sites More sharing options...
crash1015 5 Posted December 11, 2021 Share Posted December 11, 2021 I have a feeling that email we got was mostly for big business. I don't think it has to do with our small servers. But anyone can correct me if I'm wrong as I'm curious as well. Link to comment Share on other sites More sharing options...
Carlo 4360 Posted December 12, 2021 Share Posted December 12, 2021 It's just letting you know about a common exploit that's been found that does affect many people. Unless you're running those apps you have nothing to worry about with a typical Emby or Emby/NGINX setup. 1 Link to comment Share on other sites More sharing options...
igeoorge 26 Posted December 12, 2021 Share Posted December 12, 2021 Very clear explanation. Thanks as always! 1 1 Link to comment Share on other sites More sharing options...
neunghaha28 16 Posted December 13, 2021 Share Posted December 13, 2021 (edited) Thanks for sharing the always nice settings. Edited December 13, 2021 by neunghaha28 1 Link to comment Share on other sites More sharing options...
kennsann 1 Posted December 16, 2021 Share Posted December 16, 2021 (edited) Is it possible to ask for the nginx config you use? Nvm, found this Thanks for your work and sharing. Edited December 16, 2021 by kennsann 1 Link to comment Share on other sites More sharing options...
henryford 11 Posted December 16, 2021 Share Posted December 16, 2021 One thing to add: If you use Chrome to check whether the rules are working correctly, make sure to check the little checkbox "Disable cache" on top of the Network tab in the devtools. Otherwise chrome might just serve you content from its local cache. Other than that: Thanks for the guide 1 1 1 Link to comment Share on other sites More sharing options...
troyhough 58 Posted January 11, 2022 Share Posted January 11, 2022 @pir8radio @cayars Can you guys make new screenshots and/or merge all current settings that are optimal in the first post then keep it up to date going forward so people aren't forced to read the entire thread now and in the future? Just a thought. Thanks for all the hard work! 1 Link to comment Share on other sites More sharing options...
Carlo 4360 Posted January 12, 2022 Share Posted January 12, 2022 I haven't looked at it in a bit but I'm pretty sure he does keep it up to date. There are a couple settings that could be set different ways and not hurt anything but others that must be set a specific way to work correctly. I took a quick look at most of the important settings in your setup and changed the ones I knew needing changing but it would be a good idea to compare each screen to what he has. Send me a PM with any difference, just so I'm aware as well. You can always post a question in that thread as well for clarification or questions on any settings. Link to comment Share on other sites More sharing options...
troyhough 58 Posted January 13, 2022 Share Posted January 13, 2022 Just a heads up when it's set up this way, ALL traffic is sent out of your WAN and back to you instead of being just sent/received locally through the LAN. I had to go into my 2 primary Android TV devices and forget the server and re-enter using the local IP to force it to work via LAN. This is ok but whenever I travel and bring one of my devices with me I have to go in and forget the server and re-enter the login information using the https://....... Then when I return I need to go back, forget the server, re-enter the local IP info. @Luke @ebr Hopefully Emby will detect the server on the LAN and route traffic directly in the future if that is possible!?!? Link to comment Share on other sites More sharing options...
Luke 38108 Posted January 13, 2022 Share Posted January 13, 2022 6 minutes ago, troyhough said: Just a heads up when it's set up this way, ALL traffic is sent out of your WAN and back to you instead of being just sent/received locally through the LAN. I had to go into my 2 primary Android TV devices and forget the server and re-enter using the local IP to force it to work via LAN. This is ok but whenever I travel and bring one of my devices with me I have to go in and forget the server and re-enter the login information using the https://....... Then when I return I need to go back, forget the server, re-enter the local IP info. @Luke @ebr Hopefully Emby will detect the server on the LAN and route traffic directly in the future if that is possible!?!? We already do that. Make sure the correct local and remote addresses are displayed on your server dashboard. I think one limitation of the android tv app is that it won't be able to change addresses while the app is open, so the app will need to be restarted. But our standard android app will respond to network changes on the fly. Link to comment Share on other sites More sharing options...
troyhough 58 Posted January 13, 2022 Share Posted January 13, 2022 (edited) 13 minutes ago, Luke said: We already do that. Make sure the correct local and remote addresses are displayed on your server dashboard. I think one limitation of the android tv app is that it won't be able to change addresses while the app is open, so the app will need to be restarted. But our standard android app will respond to network changes on the fly. Is this what you are talking about? From the verbiage it sounds like Emby already presents the correct IP to apps and if it's left blank the server will automatically detect the local IP? Edited January 13, 2022 by troyhough Link to comment Share on other sites More sharing options...
vmcosco 19 Posted February 1, 2022 Share Posted February 1, 2022 These cache settings would NOT apply if I am only using Cloudflare for DNS Only (grey cloud) at this point right? 1 Link to comment Share on other sites More sharing options...
rodainas 188 Posted February 1, 2022 Share Posted February 1, 2022 16 minutes ago, vmcosco said: These cache settings would NOT apply if I am only using Cloudflare for DNS Only (grey cloud) at this point right? Correct 1 Link to comment Share on other sites More sharing options...
pir8radio 1301 Posted February 25, 2022 Author Share Posted February 25, 2022 UPDATE MADE TO POST #1 PLEASE REVIEW. 1 2 Link to comment Share on other sites More sharing options...
atropa 8 Posted March 5, 2022 Share Posted March 5, 2022 On 2/26/2022 at 12:10 AM, pir8radio said: UPDATE MADE TO POST #1 PLEASE REVIEW. What service would you recommend other than Cloudflare, which offers similar services. You can actually only use a vpn, right? Link to comment Share on other sites More sharing options...
pir8radio 1301 Posted March 5, 2022 Author Share Posted March 5, 2022 7 hours ago, atropa said: What service would you recommend other than Cloudflare, which offers similar services. You can actually only use a vpn, right? yea not a lot of services (free) that let you proxy through them. There are plenty of free CDN's but they do not hide your server IP... Link to comment Share on other sites More sharing options...
atropa 8 Posted March 5, 2022 Share Posted March 5, 2022 40 minutes ago, pir8radio said: yea not a lot of services (free) that let you proxy through them. There are plenty of free CDN's but they do not hide your server IP... Too bad. Cloudflare had everything I need. And it was easy xD. Haven't had any problems with videos so far. Are you still using Cloudflare at the moment? Link to comment Share on other sites More sharing options...
pir8radio 1301 Posted March 8, 2022 Author Share Posted March 8, 2022 On 3/5/2022 at 9:00 AM, atropa said: Too bad. Cloudflare had everything I need. And it was easy xD. Haven't had any problems with videos so far. Are you still using Cloudflare at the moment? yes i am.. I don't know what "gets people caught" not sure what they are looking into.. I know their terms say something like "disproportional amount" of video vs html, I also run some crypto stuff that does like 7 million requests a day that might be camouflaging my video stuff.. lol Link to comment Share on other sites More sharing options...
redrobot2121 0 Posted March 17, 2022 Share Posted March 17, 2022 is there any way to server the only video directly from the origin server but everything else should be proxied ??? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now