Jump to content


Photo

Security and Port Forwarding

security port forwarding port

  • Please log in to reply
7 replies to this topic

#1 Nikito OFFLINE  

Nikito

    Newbie

  • Members
  • 8 posts
  • Local time: 09:31 PM

Posted 25 February 2016 - 06:51 PM

Hi everyone. Instant Emby fan and new Member here. As a network geek, I wanted to ask about port forwarding and security concerns in general. I'm a little uneasy about punching holes in my home firewall and wanted to know if others have run into similar concerns, and what they've done about it. As a former Plex user, one thing I liked was that I didn't have to port forward anything...being away from home I could still log into my Plex library just fine.  I don't know how they achieve this btw, maybe via proxy or a reverse connection to the client?  But in Emby, I can't access my library without forwarding TCP port 8096.

 

So...here are my questions:

1) Anybody feel the need to change the default Emby port to something else for security reasons? If so, anyone have any issues doing so?

2) I tried using TCP port 8920 for https connectivity and couldn't get my Android client app to connect. Normal http connections over 8096 work just fine. Any one else having this issue?

 

Thanks.



#2 Happy2Play OFFLINE  

Happy2Play

    Trial and Error

  • Moderators
  • 18515 posts
  • Local time: 09:31 PM
  • LocationWashington State

Posted 25 February 2016 - 07:32 PM

Sorry, Plex has all the same requirement.  I just googled "Plex port requirement" and first two links listed all the ports required, if you don't use upnp mapping.



#3 Koleckai Silvestri OFFLINE  

Koleckai Silvestri

    Advanced Member

  • Alpha Testers
  • 3735 posts
  • Local time: 08:31 PM

Posted 25 February 2016 - 07:57 PM

As stated, Plex just opens the ports for you. Emby will try to do this as well. Changing the port won't make you more secure. A port scanner will find open ports if they target your network. If you want true security you'll want to use a VPN to connect to your server. Of course, this requires compatible hardware.



#4 Nikito OFFLINE  

Nikito

    Newbie

  • Members
  • 8 posts
  • Local time: 09:31 PM

Posted 26 February 2016 - 03:00 AM

Hmm...not sure I agree with all of this.

 

As stated, Plex just opens the ports for you. Emby will try to do this as well. Changing the port won't make you more secure. A port scanner will find open ports if they target your network. If you want true security you'll want to use a VPN to connect to your server. Of course, this requires compatible hardware.

 

 

I have a Netgear R7000 router. Perhaps when I ran Plex UPnP worked and therefore I didn't have to manually configure port forwarding. With Emby this was not the case. The *only* way I could get it to work was to manually configure port forwarding. Also, the R7000 (and other routers) have port scan detection to prevent a massive port scan of your WAN IP, therefore changing the port should at least prevent the obvious attacker looking for an Emby exploit on the default port.

 

However, I do agree with the last sentence. VPN is the ultimate way to secure the connection, just tedious to setup and use on a mobile device. Anyone got an answer to my question #2?

 

Thanks!


Edited by Nikito, 26 February 2016 - 03:44 AM.


#5 Happy2Play OFFLINE  

Happy2Play

    Trial and Error

  • Moderators
  • 18515 posts
  • Local time: 09:31 PM
  • LocationWashington State

Posted 26 February 2016 - 03:53 AM

Did you ensure upnp mapping was enabled in Emby? Advanced-Hosting

 

As for #2 I would check the android mobile forum.

 

http://emby.media/co...https/?hl=https


Edited by Happy2Play, 26 February 2016 - 03:56 AM.


#6 JeremyFr79 OFFLINE  

JeremyFr79

    Advanced Member

  • Members
  • 925 posts
  • Local time: 09:31 PM
  • LocationSeattle, WA

Posted 26 February 2016 - 04:10 AM

Could always use port triggering instead.........



#7 Nikito OFFLINE  

Nikito

    Newbie

  • Members
  • 8 posts
  • Local time: 09:31 PM

Posted 26 February 2016 - 04:15 AM

OK, will think more about this. Thanks all...



#8 Beardyname OFFLINE  

Beardyname

    Advanced Member

  • Alpha Testers
  • 944 posts
  • Local time: 05:31 AM

Posted 26 February 2016 - 12:20 PM

For question  2: Make sure you have a valid ssl-cert if using the android app!

 

(opening it in a browser would let you manually continue, not the case with the app however)







Also tagged with one or more of these keywords: security, port forwarding, port

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users