Jump to content

Recommended Posts

Posted

Hello

I have been searching for several hours on how to disable the remote access and possibly make it more secure so no one else outside my network can see my files 

I read this topic "Disable Remote Access?" and many other topics - being newbie I have no idea how to disable it

when I go to My_IP_ADDRESS:8096 from other internet networks, it brings up a page that has my profile, 

 

can someone please make a step by step instruction on how to disable the remote so no one outside the network can access / know about me running this server?

thank you

Posted

Two steps:

 

1) In the server dashboard Advanced->Hosting page un-check "Enable automatic port mapping".

2) Delete any port forwarding rules relating to your Emby server from your router (how to do this depends on the router)

Posted

Two steps:

 

1) In the server dashboard Advanced->Hosting page un-check "Enable automatic port mapping".

2) Delete any port forwarding rules relating to your Emby server from your router (how to do this depends on the router)

thanks for the quick reply 

for step 2, does Emby server adds those rules automatically? because I didnt set up any rules

Posted

thanks for the quick reply 

for step 2, does Emby server adds those rules automatically? because I didnt set up any rules

 

See step number one :).

Posted (edited)

See step number one :).

Yes, I went there and unchecked the option 

but when I go to this site : http://www.yougetsignal.com/tools/open-ports/

and enter my ip address and 8096, it says it is open (Running on http port 8096, and https port 8920.)

Edited by jim_lee
Posted

Well, that is a process that runs at server start up.  Once it happens, the rules will be there in your router.  So, you'll need to go to the router setup and remove/disable them.

Posted

My "see step 1" comment was simply an answer to your question - yes, we do automatically create the rules, if that option is enabled.

Posted

I fail to understand why this option is turned on by default. It should be opt-in not opt-out. There are a large number of posts about the topic and the consensus seems to be that people want to make the decision themselves not have it pre-decided for them.

Posted

This may have changed but I believe the start-up wizard asks you.

  • Like 1
Posted

If it did, I don't believe I saw it. And if it did it should probably be highlighter, maybe on its own screen of the wizard.

Happy2Play
Posted

I fail to understand why this option is turned on by default. It should be opt-in not opt-out. There are a large number of posts about the topic and the consensus seems to be that people want to make the decision themselves not have it pre-decided for them.

This only happened if "uPnP" is enabled on your router.  If it is off on your router then the request can never be made.  So it really doesn't matter what the server wants to do if you have your router set up the way you want.

Posted

When a generic user gets their router they almost never, ever login to make a single change. I never changed any uPnP setting in my router, which means it was a default setting. I installed emby and it decides to open ports. Sorry, but that's not particularly user friendly.

Deathsquirrel
Posted

It should probably be off by default...and people that are going to pitch a fit about any security setting probably shouldn't be running the default settings on their router when said router supports UPNP reconfiguration ;)

  • Like 1
Posted

Well, you had me at the first part. In terms of the rest of the sentence, not-so-much. People who are going to "pitch a fit" are either doing so because (a) "default on" is a terrible design when it comes to something that should be opt-in or (B) because they clicked on the link for the external IP and realized their videos were available to the world. In terms of the router supporting UPNP by default, I'll just add it to the list of reasons why Verizon's equipment sucks  :D

Posted

 Sorry, but that's not particularly user friendly.

 

Actually, it is extremely user friendly but not very security conscious. 

 

However, note that the API is secure - assuming you give your users passwords.

Posted

Well, you had me at the first part. In terms of the rest of the sentence, not-so-much. People who are going to "pitch a fit" are either doing so because (a) "default on" is a terrible design when it comes to something that should be opt-in or (B) because they clicked on the link for the external IP and realized their videos were available to the world. In terms of the router supporting UPNP by default, I'll just add it to the list of reasons why Verizon's equipment sucks :D

So did you also complain to Verizon that there default configuration is insecure and should be opt in rather than opt out too ;)

  • Like 1
Maleficarum
Posted

When a generic user gets their router they almost never, ever login to make a single change. I never changed any uPnP setting in my router, which means it was a default setting. I installed emby and it decides to open ports. Sorry, but that's not particularly user friendly.

 

Most router manufacturers worth a damn will tell you in the user guides to make changes as soon as you install an item of theirs, including, but not limited to user passwords and port settings. If a user doesn't make those changes then that's on them. If people could actually be bothered to look at the settings a device offers and configure them properly and not run stock the multiple lists of default router passwords available on the internet would not be such a problem.

  • Like 1
Posted

So did you also complain to Verizon that there default configuration is insecure and should be opt in rather than opt out too ;)

It's possible. I've complained to them about so many things it might have gotten lost in the pile :)

  • Like 1
Posted

Most router manufacturers worth a damn will tell you in the user guides to make changes as soon as you install an item of theirs, including, but not limited to user passwords and port settings. If a user doesn't make those changes then that's on them. If people could actually be bothered to look at the settings a device offers and configure them properly and not run stock the multiple lists of default router passwords available on the internet would not be such a problem.

Because most cable customers are well-aware of the fact that they need to read the user guide for their cable modem? I'd politely suggest that someone qualified to be an alpha tester probably associates with people who are more technologically savvy than the average user who has read on cnet or some other site that "cutting the cable" is the newest thing to do and a smart move and what all the cool kids are doing and, and, and ... People look to emby (and Plex and the other HTPC-related software) to help them easily watch movies that they've ripped after paying $50 for some software recommended by the aforementioned cnet article. They're not looking for lessons in how to make sure their router is (or isn't) configured. My point (and based on a search through the forum archives, the point of a multitude of others) is that it should be opt-in and not opt-out. If you want to be able to watch your videos when you're not at home, then click here. Otherwise, don't worry about it.

  • 2 weeks later...
3l3phant
Posted

As an FYI - Just did a complete delete/reinstall. I'm running the server on OS X. There is no startup wizard.

Posted

There is, it just may not launch by default on all systems. So once you visit the web interface, you'll be redirected to the startup wizard. If that's not happening then your complete delete was probably not as complete as you thought.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...