Jump to content

Will Cloudflare affect Chromecast/Firestick?


Kimballslice1890
Go to solution Solved by pir8radio,

Recommended Posts

Kimballslice1890

So I've been beginning to setup cloudflare for my Emby server. Now I was wondering for anyone that has had experience doing this that may be able to shed some light on my concern ( I know there are more than a couple of threads but nothing really touching on this).

 

I use Firesticks and occasionally Chromecasts mainly as my client devices (mixed with some iPhones). All of these devices REQUIRE a signed cert in order to connect and stream from while using the Emby built apps. I am currently using Lets Encrypt for my domain. I was wondering now, if I go through cloudflare and have to use their SSL, will that cause issues with such devices? I am very interested in using this method, but losing the functionality of those client platforms would be a deal breaker.

 

Was using this link as a guide: https://blog.awelswynol.co.uk/2018/01/setting-up-cloudflare-with-emby

Link to comment
Share on other sites

mastrmind11

So I've been beginning to setup cloudflare for my Emby server. Now I was wondering for anyone that has had experience doing this that may be able to shed some light on my concern ( I know there are more than a couple of threads but nothing really touching on this).

 

I use Firesticks and occasionally Chromecasts mainly as my client devices (mixed with some iPhones). All of these devices REQUIRE a signed cert in order to connect and stream from while using the Emby built apps. I am currently using Lets Encrypt for my domain. I was wondering now, if I go through cloudflare and have to use their SSL, will that cause issues with such devices? I am very interested in using this method, but losing the functionality of those client platforms would be a deal breaker.

 

Was using this link as a guide: https://blog.awelswynol.co.uk/2018/01/setting-up-cloudflare-with-emby

You get a new cert from cloudflare so it'll be signed by cloudlfare, no issue there.  While I don't use chromecast/firestick, I have several android streamers set up on external networks that all work perfectly over https.  Just follow that guide and you're in business.

Link to comment
Share on other sites

Kimballslice1890

Definitely some promising information. My experience with Android though is that it is one of the few platforms that isn't particularly picky about certs. 

Link to comment
Share on other sites

  • Solution
pir8radio

So I've been beginning to setup cloudflare for my Emby server. Now I was wondering for anyone that has had experience doing this that may be able to shed some light on my concern ( I know there are more than a couple of threads but nothing really touching on this).

 

I use Firesticks and occasionally Chromecasts mainly as my client devices (mixed with some iPhones). All of these devices REQUIRE a signed cert in order to connect and stream from while using the Emby built apps. I am currently using Lets Encrypt for my domain. I was wondering now, if I go through cloudflare and have to use their SSL, will that cause issues with such devices? I am very interested in using this method, but losing the functionality of those client platforms would be a deal breaker.

 

Was using this link as a guide: https://blog.awelswynol.co.uk/2018/01/setting-up-cloudflare-with-emby

 

 

No cloudflare cert issues, YET....     Below are the stats on devices that work with my server running CF:

*these are actual stats from my logs on my emby server. the count is "hits".

 

5e5f1f9759442_Screenshotfrom202003032123

Edited by pir8radio
  • Like 1
Link to comment
Share on other sites

  • 2 months later...
Kimballslice1890

Thanks for the help. Finally just set it up and it seems to be working all good.

 

On the guide, it says to change my public port to 443. I left them as default 8920 because via my USG I forwarded 443 to 8920 anyway (as directed in the guide). And I tested the public emby ports on 443 and 8920, it didn't seem to make a difference since it looks like its forwarding to the locally binded port anyway. Does this sound right or should I be changing my public port to 443?

Also even with cloudflare setup, I noticed that the IPs of external users are being reported properly (not a cloudflare IP). I had read somewhere that it would be reporting the cloudflare IP. Is this a normal occurrence?

 

Another follow up question in terms of security.

 

Obviously running cloudflare now. Is running a firewall with IPS/IDS in conjunction with Cloudflare overkill? Or should I favor one over the other?

 

Thanks again for the help and input!

Link to comment
Share on other sites

pir8radio

Thanks for the help. Finally just set it up and it seems to be working all good.

 

On the guide, it says to change my public port to 443. I left them as default 8920 because via my USG I forwarded 443 to 8920 anyway (as directed in the guide). And I tested the public emby ports on 443 and 8920, it didn't seem to make a difference since it looks like its forwarding to the locally binded port anyway. Does this sound right or should I be changing my public port to 443?

Also even with cloudflare setup, I noticed that the IPs of external users are being reported properly (not a cloudflare IP). I had read somewhere that it would be reporting the cloudflare IP. Is this a normal occurrence?

 

Another follow up question in terms of security.

 

Obviously running cloudflare now. Is running a firewall with IPS/IDS in conjunction with Cloudflare overkill? Or should I favor one over the other?

 

Thanks again for the help and input!

 

not an overkill..  cloudflare is a different kind of protection than your firewall..     Think of your firewall as your front door to your house with a lock and alarm.   only people with the correct keys and codes can get in.   CF is more like a security guard at the end of your driveway..   He will stop or deter most intruders, but people can still sneak around the security guard and get to your front door.     

 

The main use for cloudflare is not security..   Sure it "can" hide your real IP address, provide SSL, and a few other things, but its not really there to secure anything. 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...