Jump to content
Nikito

Security and Port Forwarding

Recommended Posts

Nikito

Hi everyone. Instant Emby fan and new Member here. As a network geek, I wanted to ask about port forwarding and security concerns in general. I'm a little uneasy about punching holes in my home firewall and wanted to know if others have run into similar concerns, and what they've done about it. As a former Plex user, one thing I liked was that I didn't have to port forward anything...being away from home I could still log into my Plex library just fine.  I don't know how they achieve this btw, maybe via proxy or a reverse connection to the client?  But in Emby, I can't access my library without forwarding TCP port 8096.

 

So...here are my questions:

1) Anybody feel the need to change the default Emby port to something else for security reasons? If so, anyone have any issues doing so?

2) I tried using TCP port 8920 for https connectivity and couldn't get my Android client app to connect. Normal http connections over 8096 work just fine. Any one else having this issue?

 

Thanks.

Share this post


Link to post
Share on other sites
Happy2Play

Sorry, Plex has all the same requirement.  I just googled "Plex port requirement" and first two links listed all the ports required, if you don't use upnp mapping.

Share this post


Link to post
Share on other sites
Koleckai Silvestri

As stated, Plex just opens the ports for you. Emby will try to do this as well. Changing the port won't make you more secure. A port scanner will find open ports if they target your network. If you want true security you'll want to use a VPN to connect to your server. Of course, this requires compatible hardware.

Share this post


Link to post
Share on other sites
Nikito

Hmm...not sure I agree with all of this.

 

As stated, Plex just opens the ports for you. Emby will try to do this as well. Changing the port won't make you more secure. A port scanner will find open ports if they target your network. If you want true security you'll want to use a VPN to connect to your server. Of course, this requires compatible hardware.

 

 

I have a Netgear R7000 router. Perhaps when I ran Plex UPnP worked and therefore I didn't have to manually configure port forwarding. With Emby this was not the case. The *only* way I could get it to work was to manually configure port forwarding. Also, the R7000 (and other routers) have port scan detection to prevent a massive port scan of your WAN IP, therefore changing the port should at least prevent the obvious attacker looking for an Emby exploit on the default port.

 

However, I do agree with the last sentence. VPN is the ultimate way to secure the connection, just tedious to setup and use on a mobile device. Anyone got an answer to my question #2?

 

Thanks!

Edited by Nikito

Share this post


Link to post
Share on other sites
JeremyFr79

Could always use port triggering instead.........

Share this post


Link to post
Share on other sites
Nikito

OK, will think more about this. Thanks all...

Share this post


Link to post
Share on other sites
Beardyname

For question  2: Make sure you have a valid ssl-cert if using the android app!

 

(opening it in a browser would let you manually continue, not the case with the app however)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...