TheRenegade 2 Posted February 19, 2019 Share Posted February 19, 2019 OK, so this is going to be a several part question, or have several questions I guess is the better way of putting things.Really I am looking for a best practices for security and my Emby. I want to have access to my Emby sever while out of the house, mainly just for access while at work. So I have linked my server to Emby connect, added passwords to all the users (kids/wife), enabled PIN for on home network, leaving that blank (great option btw), and hidden the only account with Admin access. So I guess my questions are 1. How secure is Emby as a whole? 2. I have a dynamic IP, so Emby connect is great for not needing to remember IP of the server, but then is there is any point to using SSL? As wouldn't setting up a Dynamic DNS for the IP be a huge pain (I have a shitty router that won't update a DNS service) Link to comment Share on other sites More sharing options...
Luke 37253 Posted February 19, 2019 Share Posted February 19, 2019 Hi, yes SSL is still valuable to setup if you're going to be using remote access. Link to comment Share on other sites More sharing options...
Luke 37253 Posted February 21, 2019 Share Posted February 21, 2019 Here's more of an overview of why it is important: https://www.sslshopper.com/why-ssl-the-purpose-of-using-ssl-certificates.html Thanks. Link to comment Share on other sites More sharing options...
Carlo 4331 Posted February 22, 2019 Share Posted February 22, 2019 I'm going to go out on a limb and say it's not that important - hold the rocks and stones people The real concern is man in the middle attacks and you "giving away" your username/password in clear text over the internet. If you are trying to use this from work it's probably not a huge concern. What you can do if you "must" use Emby this way without SSL is: Do NOT use your admin account to login anywhere not local to the server. Do not give remote access to anyone but yourself (and only to a non admin account) Make sure you have no destructive features turned on for the remote access account you are going to use in case someone does get your username/password. So don't allow deletes or anything like that. You can always use a "throw away" account like "tinman", "roofus" or any goofy name if you like that basically has "read only" access to Emby. Now think about it. Even if someone got access by a man in the middle attack it's only for this one account since it's the only authorized remote account. You of course used a password not used anywhere else (just in case). What is the worst that would happen in this circumstance? Someone hacks your username/password and gets to watch your movies/shows for free? You can help mitigate this by using the Playback Reporting Plugin keeping an eye on the account you setup for remote access. I think people get bent out of shape over SSL to much in specific situation like this where you control everything and can be smart about the account credentials and password used (not the same as you use anywhere else). Now with all that said, it's still far better to get your system setup to use SSL and then you don't have to worry about this type of thing. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now