Swynol 375 Posted September 5, 2018 Share Posted September 5, 2018 if it took the details successfully. give it 15-30 mins to update and fingers crossed it will work. It will now depend on your other settings On your router what ports have you forwarded? if you have forwarded 8920 or 8096 then you will need to enter the url https://emby.mydomain.com:8920 if you have forwarded port 80 and 443 external to 8096 and 8920 internal then you can just use the url without the port appended. https://emby.mydomain.com 1 Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 if it took the details successfully. give it 15-30 mins to update and fingers crossed it will work. It will now depend on your other settings On your router what ports have you forwarded? if you have forwarded 8920 or 8096 then you will need to enter the url https://emby.mydomain.com:8920 if you have forwarded port 80 and 443 external to 8096 and 8920 internal then you can just use the url without the port appended. https://emby.mydomain.com OK I will give it a bit longer. I have forwarded 8096 and 8920 and that url isn't working at the moment Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 if it took the details successfully. give it 15-30 mins to update and fingers crossed it will work. It will now depend on your other settings On your router what ports have you forwarded? if you have forwarded 8920 or 8096 then you will need to enter the url https://emby.mydomain.com:8920 if you have forwarded port 80 and 443 external to 8096 and 8920 internal then you can just use the url without the port appended. https://emby.mydomain.com Oh my god it worked! So can I not use emby connect now? Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 Also chrome says its not secure? Link to comment Share on other sites More sharing options...
Swynol 375 Posted September 5, 2018 Share Posted September 5, 2018 ye emby connect will still work aslong as the url that it reported on the emby dashboard it correct. when you created the SSL cert what subdomain did you use? the SSL cert will need to cover both the a record name i.e. ddns.mydomain.com and your emby subdomain. i.e. emby.mydomain.com Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 ye emby connect will still work aslong as the url that it reported on the emby dashboard it correct. when you created the SSL cert what subdomain did you use? the SSL cert will need to cover both the a record name i.e. ddns.mydomain.com and your emby subdomain. i.e. emby.mydomain.com Sorry bit lost with that question. I went to https://www.sslforfree.com/ and entered the domain i created. Do i need two certificates? so enter ' ddns.mydomain.com' and download certificate and then 'emby.mydomain.com' and download the certificate Really appreciate your time with this Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 On the dashboard the WAN is 'mydomain.com:8920'. Should it ready 'emby.mydomain.com:8920'? Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 YES! changed 'External domain:' emby.mydomain.com and it works! Amazing thanks so much 1 Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 Will it now always connect to ssl when not on LAN as I just went through emby connect and it says http not https? Link to comment Share on other sites More sharing options...
rbjtech 4283 Posted September 5, 2018 Share Posted September 5, 2018 (edited) Will it now always connect to ssl when not on LAN as I just went through emby connect and it says http not https? Force it it use https for remote (non-LAN) connections - using :- Advanced > Secure Connection Mode > Required for all remote connections then save. Two things to add - 1) May i suggest you also TEST once you have set it to ensure you cannot use http. and 2) then remove the http forwards on your router (leaving the https one only) to Emby - so you then have blocked it on the firewall and emby itself. Repeat the TEST. Edited September 5, 2018 by rbjtech 2 Link to comment Share on other sites More sharing options...
Swynol 375 Posted September 5, 2018 Share Posted September 5, 2018 Awesome [emoji1303]. Ye remove http access then test everything works. Also make sure you have a username/password setup on emby. Now just remember to renew your cert before it expires every 90 days. I used to renew mine around 60-70 days, it then gives you some time if you run into problems Sent from my iPhone using Tapatalk 2 Link to comment Share on other sites More sharing options...
rbjtech 4283 Posted September 5, 2018 Share Posted September 5, 2018 .. and for extra remote security, may I also suggest the following :- Hide all users from the login screens. Create an administrator account with a name that only you know - and disable/delete the default 'Administrator' account. If you are happy to only administer Emby on the local LAN (sensible), then simply untick the 'Allow remote connections' on the newly created Admin only account. That way, even if you were compromised remotely, they cannot do much with a read only / non-admin account. From within Emby itself, that is probably as far as you can go with security without adding external IP filters, which limits flexibility but could be useful if you had a fixed IP remote connection that you wanted to secure for example. 1 Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 Thanks. I have closed the non secure port on the router but http://www.canyouseeme.org says it open. Plus http does work even though the server setting is 'require all remote...' Link to comment Share on other sites More sharing options...
rbjtech 4283 Posted September 5, 2018 Share Posted September 5, 2018 Thanks. I have closed the non secure port on the router but http://www.canyouseeme.org says it open. Plus http does work even though the server setting is 'require all remote...' Are you testing via the internet only ? Try using your mobile - disable wireless and then just use 4G - if that still connects via http then something is definitely wrong .. Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 5, 2018 Author Share Posted September 5, 2018 Are you testing via the internet only ? Try using your mobile - disable wireless and then just use 4G - if that still connects via http then something is definitely wrong .. Yeah I was testing on 4g and still connects when I go to http://app.emby.media. Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 6, 2018 Author Share Posted September 6, 2018 So to recap, I am able to connect with https but when I go through emby connect it looks to be http even though emby settings saying 'require for all remote connection'. I have also removed the ports for http from the 'services' section of the router, leaving only the ssl port. I do have uPnp enabled though, is this relevant? See screenshots attached Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted September 6, 2018 Share Posted September 6, 2018 I believe you need to restart your server to update the server address emby connect returns. You can def disable automatic port mapping. Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 6, 2018 Author Share Posted September 6, 2018 I believe you need to restart your server to update the server address emby connect returns. You can def disable automatic port mapping. Thanks, removed automatic port mapping and restarted the server, no better. Also just restarted the router to try that and no better either. When i go to my domain its automatically secure and if you edit the address to http it fails, but through emby connect it isn't secure even though at the top of the dashboard the Remote (WAN) access is https://xxx Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted September 6, 2018 Share Posted September 6, 2018 Is emby connect connecting locally? Did you try with your phone without wifi? Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 6, 2018 Author Share Posted September 6, 2018 Is emby connect connecting locally? Did you try with your phone without wifi? Yeah I'm trying on works wifi Link to comment Share on other sites More sharing options...
Happy2Play 8296 Posted September 6, 2018 Share Posted September 6, 2018 I don't believe Connect forces https. You have to manually ensure you are using https://app.emby.media. Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted September 6, 2018 Share Posted September 6, 2018 (edited) I'm not sure why the address is not updating in emby connect. I don't have this issue, emby connect uses both my local address and my remote one https. Edited September 6, 2018 by Angelblue05 Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 6, 2018 Author Share Posted September 6, 2018 (edited) Is there any setting I should double check? Just to confirm the emby connect thing see attached screenshot done on works wifi Edited September 6, 2018 by mattykellyuk Link to comment Share on other sites More sharing options...
Happy2Play 8296 Posted September 6, 2018 Share Posted September 6, 2018 Connect is a alternative to your DDNS/WAN address there is nothing you need to enable. Either use https://app.emby.media or use your WAN address. Connect plays by its own rules. I just logged in with http://app.emby.media and when adding my server I was forced to add my https://WAN address and port, http would not connect. But the browser will always show unsecure unless you sign into Connect on https address. Link to comment Share on other sites More sharing options...
mattykellyuk 17 Posted September 6, 2018 Author Share Posted September 6, 2018 Connect is a alternative to your DDNS/WAN address there is nothing you need to enable. Either use https://app.emby.media or use your WAN address. Connect plays by its own rules. I just logged in with http://app.emby.media and when adding my server I was forced to add my https://WAN address and port, http would not connect. But the browser will always show unsecure unless you sign into Connect on https address. Right thats a bit annoying. I just tried to login via https://app.emby.media and it won't connect to my server, although my domain works fine. So i just need to login using my domain? What about devices like fire sticks? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now