Jump to content
doobre

If I purchase Emby Premiere will it give me SECURE remote access

Recommended Posts

doobre

Just need a 'YES' or 'NO' answer to the above.

Because not being a techno type, I have only just found that Emby opens up a port in my router to the internet without my knowing, during the installation. Which to me doesn't sound very safe.

So I am hoping that if I purchase the Premiere package that it will provide the necessary SECURED access path, so that I can share my media with my friends who live down-country.

I was using Plex and thought I would try Emby too. Plex already has the secure access for sharing, Emby is much faster to use.

Thanks for any replies..

Cheers CD in NZ

Share this post


Link to post
Share on other sites
pwhodges

This is nothing to do with Premiere.

 

Emby doesn't have to open a port on your router; in the network settings you can disable "Enable automatic port mapping".  You can also disable this ability in your router so that Emby (and any other program) cannot do it - the facility is typically called uPnP.

 

If (as you suggest) you want external access to Emby, though, you can install a security certificate in it - but you have to acquire the certificate yourself, Emby doesn't do it for you.  Alternatively, a lot of people prefer to run a reverse proxy in front of Emby to handle the certificate, which gives more control of security in some respects.  There are lots of threads about this, mostly using nginx, but Caddy (which gets the certificate automatically) is also described.

 

Feel free to ask more questions - you will get answers.

 

Paul

  • Like 1

Share this post


Link to post
Share on other sites
Sammy

 

 

This is nothing to do with Premiere.

 

Emby doesn't have to open a port on your router; in the network settings you can disable "Enable automatic port mapping". You can also disable this ability in your router so that Emby (and any other program) cannot do it - the facility is typically called uPnP.

 

If (as you suggest) you want external access to Emby, though, you can install a security certificate in it - but you have to acquire the certificate yourself, Emby doesn't do it for you. Alternatively, a lot of people prefer to run a reverse proxy in front of Emby to handle the certificate, which gives more control of security in some respects. There are lots of threads about this, mostly using nginx, but Caddy (which gets the certificate automatically) is also described.

 

Feel free to ask more questions - you will get answers.

 

Paul

 

 

Where do you acquire said certificate?

 

BTW, I believe Ubiquity gear doesn't allow uPnP to automatically open ports.

 

Sent from my SM-G960U1 using Tapatalk

Share this post


Link to post
Share on other sites
doobre
Posted (edited)

Hi there Paul.. thanks for the clarification.. I should say that I am on windows10 os, sorry!!

 

As far as I can see...  Emby automatically entered the port forwarding rules on my router and I don't see yet, where/how to remove them.

I have now unticked the "enable automatic port forwarding" and "allow remote connection to this emby server" in the emby settings, but the port forwarding rules are still in the router.!?

 

I am happy to use emby in my local network, much faster than plex, and that is what I assumed "Upnp" was for.? only local usage? my error i now know. So I will disable Upnp also. [i thought it meant universal plugnplay, so it sounded like it should be left enabled]..

 

Is this reverse proxy thing workable on a windows10 setup? 

 

I am trying to do this on a "no budget" situation, to keep the family happy during the outsideworld zombie apocalypse. So any other ideas that you think may help will be very muchly welcomed..

 

cheers from CD in NZ

Edited by doobre

Share this post


Link to post
Share on other sites
pwhodges

Where do you acquire said certificate?

 

You can buy them from ISPs or domain registrars, etc.  You need a domain name to attach them to, though.  You can get certificates free from places like LetsEncrypt - though free ones typically have a much shorter renewal time.  If you use Caddy as a reverse proxy, it gets and renews them automatically from LetsEncrypt, if you set it up right.  Domain names you have to buy from a registrar - they're not necessarily expensive, though.

 

Hi there Paul.. thanks for the clarification.. I should say that I am on windows10 os, sorry!!

 

As far as I can see...  Emby automatically entered the port forwarding rules on my router and I don't see yet, where/how to remove them.

I have now unticked the "enable automatic port forwarding" and "allow remote connection to this emby server" in the emby settings, but the port forwarding rules are still in the router.!?

 

I am happy to use emby in my local network, much faster than plex, and that is what I assumed "Upnp" was for.? only local usage? my error i now know. So I will disable Upnp also. [i thought it meant universal plugnplay, so it sounded like it should be left enabled]..

 

Is this reverse proxy thing workable on a windows10 setup? 

 

I am trying to do this on a "no budget" situation, to keep the family happy during the outsideworld zombie apocalypse. So any other ideas that you think may help will be very muchly welcomed..

 

cheers from CD in NZ

 

uPnP can do things inside the network, but one of the things it can do is open ports in your router.  As for the open ports you now have, I suppose you need to go into the router config to close them again.

 

A reverse proxy is a web server that you can run on the same machine as your Emby, if you want.  Typically you would install Caddy (I use v1, but now you have to get v2, for which different instructions will be needed than any in this forum).  Before you can set up Caddy you need to have a DNS name pointing to your address; this you have to think up for yourself and buy from a registrar (I use Gandi).  The instructions are pretty simple, but maybe people here can help if you get stuck; I will try to find time to move to Caddy 2 myself in the next couple of days so that I can help - Caddy's home page has (scroll down) an example of how easy it can be to run a reverse proxy using v2.  I would leave Caddy accepting the default ports for http and https (80 and 443), as these need to be used for the automatic certificate generation.  Or you can use nginx, which there's a lot of experience of here, but which is inherently more difficult.  You can leave Emby on its default ports and then forward from Caddy by specifying a proxy connection to the http port of Emby.  Any attempt to access port 80 from outside will automatically be diverted to 443 by Caddy, so there's nothing to worry about there.  For internal use you can use Emby's http port, or you can try using the same address as you would use externally; this working would depend on your router being able to loop back or "hairpin" references to its external address from inside.  

 

If you're content with getting your own certificate and adding it to Emby and renewing it as required, then by all means don't bother with a proxy.  You can use the router to forward ports 80 and 443 to the Emby ports, or you can change the Emby ports to 80 and 443 and just let those through.

 

Paul

Share this post


Link to post
Share on other sites
ebr

Hi.  As the users have pointed out, secure/external access is completely unrelated to Premiere (which is just about features).  Please let us know if you still have questions about this.

 

Thanks.

 

 Emby Premiere

Share this post


Link to post
Share on other sites
KingMovies

You can use caddy and duckdns.org free of charge

Share this post


Link to post
Share on other sites
crusher11

Can we first establish if the OP even needs remote access? It doesn't sound like they do from their other posts.

Share this post


Link to post
Share on other sites
Spaceboy

Can we first establish if the OP even needs remote access? It doesn't sound like they do from their other posts.

that has already been established

 


so that I can share my media with my friends who live down-country

Share this post


Link to post
Share on other sites
doobre

Hi all and thank you all for your interest in my issue.. especially Paul for your time and advice..

Understood that premiere is not related to setting up a secure remote access.

 

I will check into the free option suggested by 'KingMovies', that's on my budget level.. I maybe back to this forum for help once I get into that.. I would still prefer to use Emby for remote access over Plex.

 

So my only issue now is, how to remove the port rules that are in my router (technicolor MediaAccess TG789) thanks to the uPnP, but as far as I can see does not have an option of removing the rules once set automatically. I will contact my isp for that.

 

So for anyone else who has my issue, of rules being entered without knowing, they should disable the router uPnP BEFORE installing Emby..

 

thanks very much again.

Share this post


Link to post
Share on other sites
KMBanana

I would just disable upnp altogether if you don't need/want it.

 

Keep in mind though that you'll still need to open a port for remote access, "secured" remote access generally refers to using https for encryption instead of plain text http.  

Share this post


Link to post
Share on other sites
Happy2Play
Posted (edited)

There is a option when you installed Emby Server for upnp port mapping.  It can be disabled via network option in Emby.  As for already configured upnp ports on your router I would think you would have manually delete them.  And I would disable upnp via the router also. 

 

These are all user options one has to configure on their network.

 

But yes in my opinion it should be disabled by default, but there are to many users that truly know absolutely nothing about upnp and would post why is it not working.

Edited by Happy2Play

Share this post


Link to post
Share on other sites
doobre

Hahaha... disabling uPnP on the router stopped the logitech media server operating... pros n cons...

cheers CD in NZ

Share this post


Link to post
Share on other sites
pwhodges

You have another media server running?  Is it web based?  Do you have remote access to it (the uPnP thing implies you do)?  This could have implications for how you set up remote access for Emby to avoid conflicts.

 

Paul

Share this post


Link to post
Share on other sites
doobre

Yep LMS (logitech media server) so I think its gonna be safer to stay on plex..

im not very techno and I feel like about as deep as I am in this stuff..

cheers CD

Share this post


Link to post
Share on other sites
pwhodges

Well, there should be no problem, with guidance, in your getting Emby going alongside the other things - but if you have a working Plex setup, perhaps your best bet right now is to stay with it.  If at some point you feel that you are limited by it and want to switch to Emby, just come back here and I (and others) would be happy to take you through getting it going.

 

Paul

  • Like 1

Share this post


Link to post
Share on other sites
ebr

Yep LMS (logitech media server) so I think its gonna be safer to stay on plex..

im not very techno and I feel like about as deep as I am in this stuff..

cheers CD

 

Plex is doing exactly the same thing we are.  There is no way to access your server remotely without opening up a port on your router.

  • Like 1

Share this post


Link to post
Share on other sites
doobre
Posted (edited)

Chief cook and bottle washer...  plex access at https://app.plex.tv/desktop is secure

 

Paul...  thanks and cheers

 

pir8radio....  I have found that even though plex message says "not available outside your network" it actually is > at https://app.plex.tv/desktop (like a false negative)

 

cheers ALL

Edited by doobre

Share this post


Link to post
Share on other sites
ebr

Chief cook and bottle washer...  plex access at https://app.plex.tv/desktop is secure

 

Paul...  thanks and cheers

 

pir8radio....  I have found that even though plex message says "not available outside your network" it actually is > at https://app.plex.tv/desktop (like a false negative)

 

cheers ALL

 

Yes, but not without an open port on your router.

 

There is no way to access your server remotely without opening a port on your router.

Share this post


Link to post
Share on other sites
pir8radio

Chief cook and bottle washer...  plex access at https://app.plex.tv/desktop is secure

 

Paul...  thanks and cheers

 

pir8radio....  I have found that even though plex message says "not available outside your network" it actually is > at https://app.plex.tv/desktop (like a false negative)

 

cheers ALL

 

Yea plex opens ports for you if you didn't or it wouldn't work outside of your home..    Point being emby and plex operate the same when it comes to your security concern.

Share this post


Link to post
Share on other sites
doobre

pri8radio > I get your point now, thanks

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...