dariusaurius 1 Posted September 26, 2020 Share Posted September 26, 2020 Dear Emby-Team, a couple of times today it happened to me, that I didn't notice that my remote connector was using HTTP instead of HTTPS. Each time I have accessed the portal page for the remote connector through the front page, which didn't forwarded me to the secured HTTPS site. Not sure if this is intended, but this could harm potentially someones whole network. Thanks for reading and best regards Link to comment Share on other sites More sharing options...
Luke 37064 Posted September 26, 2020 Share Posted September 26, 2020 Hi, the problem is that the https version can only connect to your Emby Server if you have setup SSL on your server. Have you done that? Link to comment Share on other sites More sharing options...
dariusaurius 1 Posted September 27, 2020 Author Share Posted September 27, 2020 Hi Luke, thanks for your response. 1. My emby Server is running in a Docker container behind a reverse proxy with the network mode "host", it shares his local IP with my Docker host. 2. The reverse proxy has an URL rewrite module to forward HTTP (80) inquires for my domain name (emby.some.domain.de) to HTTPS (443). 3. The HTTPS inquire is forwarded to the emby servers remote HTTP (8920) port. 4. emby is configured to let the reverse proxy handle the secured connection in the network settings. 5. My domain name (emby.some.domain.de) is configured in emby. 6. The local IP of the Docker host is also configured If there are still any informations which myth help you identify the problem, I will gladly provide them. Regards Link to comment Share on other sites More sharing options...
Luke 37064 Posted September 27, 2020 Share Posted September 27, 2020 3 hours ago, dariusaurius said: Hi Luke, thanks for your response. 1. My emby Server is running in a Docker container behind a reverse proxy with the network mode "host", it shares his local IP with my Docker host. 2. The reverse proxy has an URL rewrite module to forward HTTP (80) inquires for my domain name (emby.some.domain.de) to HTTPS (443). 3. The HTTPS inquire is forwarded to the emby servers remote HTTP (8920) port. 4. emby is configured to let the reverse proxy handle the secured connection in the network settings. 5. My domain name (emby.some.domain.de) is configured in emby. 6. The local IP of the Docker host is also configured If there are still any informations which myth help you identify the problem, I will gladly provide them. Regards Hi, I understand. All you need to do is use https://app.emby.media Link to comment Share on other sites More sharing options...
Carlo 4330 Posted September 30, 2020 Share Posted September 30, 2020 On 9/27/2020 at 9:20 AM, dariusaurius said: Hi Luke, thanks for your response. 1. My emby Server is running in a Docker container behind a reverse proxy with the network mode "host", it shares his local IP with my Docker host. 2. The reverse proxy has an URL rewrite module to forward HTTP (80) inquires for my domain name (emby.some.domain.de) to HTTPS (443). 3. The HTTPS inquire is forwarded to the emby servers remote HTTP (8920) port. 4. emby is configured to let the reverse proxy handle the secured connection in the network settings. 5. My domain name (emby.some.domain.de) is configured in emby. 6. The local IP of the Docker host is also configured If there are still any informations which myth help you identify the problem, I will gladly provide them. Regards Do you have a valid cert somewhere in there to handle SSL? Link to comment Share on other sites More sharing options...
dariusaurius 1 Posted September 30, 2020 Author Share Posted September 30, 2020 Yes, I use an wildcard certificate from LetsEncrypt on my reverse proxy, HTTPS is fine as long as I enter manually the address "https://app.emby.media". Using the Link on the emby homepage is just linking to the the HTTP address instead of the HTTPS one Link to comment Share on other sites More sharing options...
Luke 37064 Posted September 30, 2020 Share Posted September 30, 2020 14 minutes ago, dariusaurius said: Yes, I use an wildcard certificate from LetsEncrypt on my reverse proxy, HTTPS is fine as long as I enter manually the address "https://app.emby.media". Using the Link on the emby homepage is just linking to the the HTTP address instead of the HTTPS one Right now we have to do that because if we link to the https version, then users will not be able to use that unless they've setup SSL on their Emby Server. Link to comment Share on other sites More sharing options...
dariusaurius 1 Posted September 30, 2020 Author Share Posted September 30, 2020 (edited) I understand, unfortunately this decision may compromise the security of the users which have SSL enabled but don't notice that SSL is not used. For me it is now clear what I need to do, in the case I use another PC where I navigate to emby by using i.e. Google, for others maybe not. Thanks both of you for your support! Regards Edited September 30, 2020 by dariusaurius Link to comment Share on other sites More sharing options...
Luke 37064 Posted September 30, 2020 Share Posted September 30, 2020 Thanks for the feedback. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now