Why do my logs say my server is POSTing to connect.emby.media?

[jerrac 4]

While working on setting up fail2ban, I noticed a bunch of log messages like this:

Quote

2020-12-12 21:12:11.241 Info HttpClient: POST https://connect.emby.media/service/user/authenticate

I have never used Emby Connect, and none of my family members have done so either.

It appears that those logs appear when I use a random username and password. (Testing fail2ban...)

Is Emby programmed to automatically try to authenticate via Emby Connect if the user doesn't exist locally?

If so, how do I disable that?

Thanks in advance!

 

Server info:

Running inside a Docker container from the official docker image. HAProxy in front of it. Pop!_OS 20.04 on the host.

[Luke 37170]

Hi, when a user logs in, it will try to authenticate with emby connect if the local login fails.

[jerrac 4]

Is there a way to disable that?

[Luke 37170]

Hi, no, but it's possible for the future. Thanks.

[jerrac 4]

If passwords are transmitted to Connect in a way that Connect can read them, I'd view it as a security issue. If I mistype my username, then it sends the password and username to Connect, that's a secret out the door.

I'm sure Emby employees/devs are not going to do anything bad, and I'm glad to see https in use, but still, my password ends up on a server I didn't expect it to. That isn't good.

That kind of application behavior needs to be opt in.

Plus, I just don't want my server advertising it exists.

So I'd urge that you make this an urgent issue.

Thanks for the quick replies! Especially on a weekend.