Jump to content

Remote Access Questions (Ports/HTTPS)

/Ky

By /Ky
in Non-Emby General Discussion

 Share

Recommended Posts

/Ky

/Ky 3

Posted
Posted

Hey guys,

 

Okay so I got a couple of questions about emby remote access as thinking about enabling it, I would be doing this by puchasing a domain name and using Cloudflares Free package for additonal secuirty:

 

So with regards to external ports (I would't want standard HTTP being enabled - only HTTPS) - I've noticed that emby defaults to port 8920 for HTTPS. So should I leave it or change it to 443 (is there any benefits??)

 

Also I will check the only allow secure connections but with UPnP enabled (which works on my router) will this still open port 8096?? As would this incur a secuirty issue by having a port open that you dont want to use -  so would I be better off manually opening ports or just leave UPnP enabled and will it cause a secuirty concern if I did so??

 

 

Thanks,

/Ky

Happy2Play

Happy2Play 9780

Posted
Posted

To me from a security standpoint upnp should never be enabled.

/Ky

/Ky 3

Posted
  • Author
Posted

To me from a security standpoint upnp should never be enabled.

Yeah kinda what I was thinking. Just wondering about the ports now and if I did manually open them up its only TCP that needs to be done from what I remember as UDP isn't used.

Happy2Play

Happy2Play 9780

Posted
Posted

Yeah kinda what I was thinking. Just wondering about the ports now and if I did manually open them up its only TCP that needs to be done from what I remember as UDP isn't used.

 

Correct, that is what is listed in the wiki also.  One of the other network gurus will have to comment on the actual port selection.

  • Like 1
mastrmind11

mastrmind11 722

Posted
Posted (edited)

Since your server is sitting behind a router, thats what is doing the port forwarding.  Changing your server port makes no difference.  Leave the default ports and send 443 from your router to 8920 internally, since traffic from your router to your server  internally is unencrypted http anyway.  But yeah, avoid upnp.

Edited by mastrmind11
/Ky

/Ky 3

Posted
  • Author
Posted

Since your server is sitting behind a router, thats what is doing the port forwarding.  Changing your server port makes no difference.  Leave the default ports and send 443 from your router to 8920 internally, since traffic from your router to your server  internally is unencrypted http anyway.  But yeah, avoid upnp.

Ta, that's what I thought so for clarifcation leave the Internal + External ports as 8096 + 8920 then in my router forward external 443 port to internal 8920 over TCP?

mastrmind11

mastrmind11 722

Posted
Posted (edited)

Ta, that's what I thought so for clarifcation leave the Internal + External ports as 8096 + 8920 then in my router forward external 443 port to internal 8920 over TCP?

if you're using cloudflare, they'll do the SSL to your WAN IP port 443.  You just have to forward 443 to 8096.  8920 is irrelevant once you get past the router.  But yeah, you've got the right idea.

Edited by mastrmind11
  • Like 1

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...