Jump to content


Photo

If I purchase Emby Premiere will it give me SECURE remote access

premiere secure remote access remote access

  • Please log in to reply
21 replies to this topic

#1 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 06 April 2020 - 06:51 AM

Just need a 'YES' or 'NO' answer to the above.

Because not being a techno type, I have only just found that Emby opens up a port in my router to the internet without my knowing, during the installation. Which to me doesn't sound very safe.

So I am hoping that if I purchase the Premiere package that it will provide the necessary SECURED access path, so that I can share my media with my friends who live down-country.

I was using Plex and thought I would try Emby too. Plex already has the secure access for sharing, Emby is much faster to use.

Thanks for any replies..

Cheers CD in NZ



#2 pwhodges OFFLINE  

pwhodges

    Advanced Member

  • Members
  • 728 posts
  • Local time: 04:17 PM
  • LocationOxford, UK

Posted 06 April 2020 - 07:38 AM

This is nothing to do with Premiere.

 

Emby doesn't have to open a port on your router; in the network settings you can disable "Enable automatic port mapping".  You can also disable this ability in your router so that Emby (and any other program) cannot do it - the facility is typically called uPnP.

 

If (as you suggest) you want external access to Emby, though, you can install a security certificate in it - but you have to acquire the certificate yourself, Emby doesn't do it for you.  Alternatively, a lot of people prefer to run a reverse proxy in front of Emby to handle the certificate, which gives more control of security in some respects.  There are lots of threads about this, mostly using nginx, but Caddy (which gets the certificate automatically) is also described.

 

Feel free to ask more questions - you will get answers.

 

Paul


  • Sammy likes this

#3 Sammy OFFLINE  

Sammy

    Advanced Member

  • Members
  • 3549 posts
  • Local time: 08:17 AM

Posted 06 April 2020 - 08:27 AM



This is nothing to do with Premiere.

Emby doesn't have to open a port on your router; in the network settings you can disable "Enable automatic port mapping". You can also disable this ability in your router so that Emby (and any other program) cannot do it - the facility is typically called uPnP.

If (as you suggest) you want external access to Emby, though, you can install a security certificate in it - but you have to acquire the certificate yourself, Emby doesn't do it for you. Alternatively, a lot of people prefer to run a reverse proxy in front of Emby to handle the certificate, which gives more control of security in some respects. There are lots of threads about this, mostly using nginx, but Caddy (which gets the certificate automatically) is also described.

Feel free to ask more questions - you will get answers.

Paul




Where do you acquire said certificate?

BTW, I believe Ubiquity gear doesn't allow uPnP to automatically open ports.

Sent from my SM-G960U1 using Tapatalk

#4 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 06 April 2020 - 08:43 AM

Hi there Paul.. thanks for the clarification.. I should say that I am on windows10 os, sorry!!

 

As far as I can see...  Emby automatically entered the port forwarding rules on my router and I don't see yet, where/how to remove them.

I have now unticked the "enable automatic port forwarding" and "allow remote connection to this emby server" in the emby settings, but the port forwarding rules are still in the router.!?

 

I am happy to use emby in my local network, much faster than plex, and that is what I assumed "Upnp" was for.? only local usage? my error i now know. So I will disable Upnp also. [I thought it meant universal plugnplay, so it sounded like it should be left enabled]..

 

Is this reverse proxy thing workable on a windows10 setup? 

 

I am trying to do this on a "no budget" situation, to keep the family happy during the outsideworld zombie apocalypse. So any other ideas that you think may help will be very muchly welcomed..

 

cheers from CD in NZ


Edited by doobre, 06 April 2020 - 08:45 AM.


#5 pwhodges OFFLINE  

pwhodges

    Advanced Member

  • Members
  • 728 posts
  • Local time: 04:17 PM
  • LocationOxford, UK

Posted 06 April 2020 - 10:54 AM



Where do you acquire said certificate?

 

You can buy them from ISPs or domain registrars, etc.  You need a domain name to attach them to, though.  You can get certificates free from places like LetsEncrypt - though free ones typically have a much shorter renewal time.  If you use Caddy as a reverse proxy, it gets and renews them automatically from LetsEncrypt, if you set it up right.  Domain names you have to buy from a registrar - they're not necessarily expensive, though.

 



Hi there Paul.. thanks for the clarification.. I should say that I am on windows10 os, sorry!!

 

As far as I can see...  Emby automatically entered the port forwarding rules on my router and I don't see yet, where/how to remove them.

I have now unticked the "enable automatic port forwarding" and "allow remote connection to this emby server" in the emby settings, but the port forwarding rules are still in the router.!?

 

I am happy to use emby in my local network, much faster than plex, and that is what I assumed "Upnp" was for.? only local usage? my error i now know. So I will disable Upnp also. [I thought it meant universal plugnplay, so it sounded like it should be left enabled]..

 

Is this reverse proxy thing workable on a windows10 setup? 

 

I am trying to do this on a "no budget" situation, to keep the family happy during the outsideworld zombie apocalypse. So any other ideas that you think may help will be very muchly welcomed..

 

cheers from CD in NZ

 

uPnP can do things inside the network, but one of the things it can do is open ports in your router.  As for the open ports you now have, I suppose you need to go into the router config to close them again.

 

A reverse proxy is a web server that you can run on the same machine as your Emby, if you want.  Typically you would install Caddy (I use v1, but now you have to get v2, for which different instructions will be needed than any in this forum).  Before you can set up Caddy you need to have a DNS name pointing to your address; this you have to think up for yourself and buy from a registrar (I use Gandi).  The instructions are pretty simple, but maybe people here can help if you get stuck; I will try to find time to move to Caddy 2 myself in the next couple of days so that I can help - Caddy's home page has (scroll down) an example of how easy it can be to run a reverse proxy using v2.  I would leave Caddy accepting the default ports for http and https (80 and 443), as these need to be used for the automatic certificate generation.  Or you can use nginx, which there's a lot of experience of here, but which is inherently more difficult.  You can leave Emby on its default ports and then forward from Caddy by specifying a proxy connection to the http port of Emby.  Any attempt to access port 80 from outside will automatically be diverted to 443 by Caddy, so there's nothing to worry about there.  For internal use you can use Emby's http port, or you can try using the same address as you would use externally; this working would depend on your router being able to loop back or "hairpin" references to its external address from inside.  

 

If you're content with getting your own certificate and adding it to Emby and renewing it as required, then by all means don't bother with a proxy.  You can use the router to forward ports 80 and 443 to the Emby ports, or you can change the Emby ports to 80 and 443 and just let those through.

 

Paul



#6 ebr ONLINE  

ebr

    Chief Bottle Washer

  • Administrators
  • 52033 posts
  • Local time: 11:17 AM

Posted 06 April 2020 - 11:00 AM

Hi.  As the users have pointed out, secure/external access is completely unrelated to Premiere (which is just about features).  Please let us know if you still have questions about this.

 

Thanks.

 

 Emby Premiere



#7 KingMovies OFFLINE  

KingMovies

    Advanced Member

  • Members
  • 30 posts
  • Local time: 11:17 AM

Posted 06 April 2020 - 11:05 AM

You can use caddy and duckdns.org free of charge

#8 crusher11 OFFLINE  

crusher11

    Advanced Member

  • Members
  • 1476 posts
  • Local time: 11:17 PM

Posted 06 April 2020 - 12:59 PM

Can we first establish if the OP even needs remote access? It doesn't sound like they do from their other posts.

#9 Spaceboy OFFLINE  

Spaceboy

    Advanced Member

  • Members
  • 4778 posts
  • Local time: 04:17 PM

Posted 06 April 2020 - 01:01 PM

Can we first establish if the OP even needs remote access? It doesn't sound like they do from their other posts.

that has already been established


so that I can share my media with my friends who live down-country



#10 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 06 April 2020 - 08:52 PM

Hi all and thank you all for your interest in my issue.. especially Paul for your time and advice..

Understood that premiere is not related to setting up a secure remote access.

 

I will check into the free option suggested by 'KingMovies', that's on my budget level.. I maybe back to this forum for help once I get into that.. I would still prefer to use Emby for remote access over Plex.

 

So my only issue now is, how to remove the port rules that are in my router (technicolor MediaAccess TG789) thanks to the uPnP, but as far as I can see does not have an option of removing the rules once set automatically. I will contact my isp for that.

 

So for anyone else who has my issue, of rules being entered without knowing, they should disable the router uPnP BEFORE installing Emby..

 

thanks very much again.



#11 KMBanana OFFLINE  

KMBanana

    Advanced Member

  • Members
  • 156 posts
  • Local time: 11:17 AM

Posted 06 April 2020 - 08:57 PM

I would just disable upnp altogether if you don't need/want it.

 

Keep in mind though that you'll still need to open a port for remote access, "secured" remote access generally refers to using https for encryption instead of plain text http.  



#12 Happy2Play OFFLINE  

Happy2Play

    Trial and Error

  • Moderators
  • 19168 posts
  • Local time: 08:17 AM
  • LocationWashington State

Posted 06 April 2020 - 09:04 PM

There is a option when you installed Emby Server for upnp port mapping.  It can be disabled via network option in Emby.  As for already configured upnp ports on your router I would think you would have manually delete them.  And I would disable upnp via the router also. 

 

These are all user options one has to configure on their network.

 

But yes in my opinion it should be disabled by default, but there are to many users that truly know absolutely nothing about upnp and would post why is it not working.


Edited by Happy2Play, 06 April 2020 - 09:04 PM.


#13 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 07 April 2020 - 04:43 AM

Hahaha... disabling uPnP on the router stopped the logitech media server operating... pros n cons...

cheers CD in NZ



#14 pwhodges OFFLINE  

pwhodges

    Advanced Member

  • Members
  • 728 posts
  • Local time: 04:17 PM
  • LocationOxford, UK

Posted 07 April 2020 - 05:32 AM

You have another media server running?  Is it web based?  Do you have remote access to it (the uPnP thing implies you do)?  This could have implications for how you set up remote access for Emby to avoid conflicts.

 

Paul



#15 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 07 April 2020 - 05:40 AM

Yep LMS (logitech media server) so I think its gonna be safer to stay on plex..

im not very techno and I feel like about as deep as I am in this stuff..

cheers CD



#16 pwhodges OFFLINE  

pwhodges

    Advanced Member

  • Members
  • 728 posts
  • Local time: 04:17 PM
  • LocationOxford, UK

Posted 07 April 2020 - 06:39 AM

Well, there should be no problem, with guidance, in your getting Emby going alongside the other things - but if you have a working Plex setup, perhaps your best bet right now is to stay with it.  If at some point you feel that you are limited by it and want to switch to Emby, just come back here and I (and others) would be happy to take you through getting it going.

 

Paul


  • Happy2Play likes this

#17 ebr ONLINE  

ebr

    Chief Bottle Washer

  • Administrators
  • 52033 posts
  • Local time: 11:17 AM

Posted 07 April 2020 - 08:11 AM

Yep LMS (logitech media server) so I think its gonna be safer to stay on plex..

im not very techno and I feel like about as deep as I am in this stuff..

cheers CD

 

Plex is doing exactly the same thing we are.  There is no way to access your server remotely without opening up a port on your router.


  • Happy2Play likes this

#18 pir8radio OFFLINE  

pir8radio

    NGINX

  • Members
  • 3522 posts
  • Local time: 10:17 AM
  • LocationChicago

Posted 07 April 2020 - 09:46 AM

https://support.plex...-remote-access/

 

#2 on the Plex troubleshooting steps:   This is automatically opening ports on your router.

Check whether your router supports UPnP or NAT-PMP

Edited by pir8radio, 07 April 2020 - 09:47 AM.

  • Happy2Play likes this

#19 doobre OFFLINE  

doobre

    Newbie

  • Members
  • 7 posts
  • Local time: 03:17 AM

Posted 08 April 2020 - 07:49 AM

Chief cook and bottle washer...  plex access at https://app.plex.tv/desktop is secure

 

Paul...  thanks and cheers

 

pir8radio....  I have found that even though plex message says "not available outside your network" it actually is > at https://app.plex.tv/desktop (like a false negative)

 

cheers ALL


Edited by doobre, 08 April 2020 - 07:58 AM.


#20 ebr ONLINE  

ebr

    Chief Bottle Washer

  • Administrators
  • 52033 posts
  • Local time: 11:17 AM

Posted 08 April 2020 - 08:57 AM

Chief cook and bottle washer...  plex access at https://app.plex.tv/desktop is secure

 

Paul...  thanks and cheers

 

pir8radio....  I have found that even though plex message says "not available outside your network" it actually is > at https://app.plex.tv/desktop (like a false negative)

 

cheers ALL

 

Yes, but not without an open port on your router.

 

There is no way to access your server remotely without opening a port on your router.







Also tagged with one or more of these keywords: premiere, secure remote access, remote access

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users