Guest Posted February 27, 2019 Posted February 27, 2019 (edited) Is there any way to unbind Emby server from port 8920? I disabled remote connections and want to configure apache for that using the same port. In my server config I saw that 8920 in mentioned as local secure port. What does that mean? There is no certificate for an secure connection? Thanks for advice. Edited February 27, 2019 by loeffelpan
Luke 42079 Posted February 27, 2019 Posted February 27, 2019 If you don't have a certificate configured, then port 8920 will not be bound. There is nothing you need to do.
Guest Posted February 27, 2019 Posted February 27, 2019 (edited) Thanks for your lightning fast response. Ubuntu says you are wrong. nightfury@ToothLess:~$ lsof -i | grep Emby EmbyServe 31619 nightfury 152u IPv6 451908 0t0 TCP *:8096 (LISTEN) EmbyServe 31619 nightfury 156u IPv6 451913 0t0 TCP *:8920 (LISTEN) EmbyServe 31619 nightfury 175u IPv4 451959 0t0 TCP ToothLess:42275->ToothLess:8096 (ESTABLISHED) EmbyServe 31619 nightfury 176u IPv4 451961 0t0 UDP *:7359 EmbyServe 31619 nightfury 177u IPv6 451580 0t0 TCP ToothLess:8096->ToothLess:42275 (ESTABLISHED) EmbyServe 31619 nightfury 183u IPv6 452623 0t0 TCP ToothLess:8096->172-20-2-4.fritz.box:42446 (ESTABLISHED) In emby hosting settings I disabled remote connection completely. There is an input field for „Local HTTPS port“ which is filled with 8920 by default, even when remote connections are disabled and no certificate is set. Edited February 27, 2019 by loeffelpan
Luke 42079 Posted February 28, 2019 Posted February 28, 2019 Ok you're right, sorry. There's currently no way to stop it. You will just have to assign a different port to it.
Guest Posted February 28, 2019 Posted February 28, 2019 (edited) OK. Thanks. Using another will work obviously. Maybe you can make possible in further versions. Concerning to this I noticed, that the built-in webserver offers a header "Access-Control-Allow-Origin: *" and doesn't hide his version. This is rated as a weakness in several website security tests - so we can't achive an A+. Maybe it is better not to set this header and hide the servers version string. Any suggestion how to overwrite "Access-Control-Allow-Origin" for more security? Edited February 28, 2019 by loeffelpan
Guest Posted February 28, 2019 Posted February 28, 2019 This one: Microsoft-NetCore/2.0 UPnP/1.0 DLNADOC/1.5
Luke 42079 Posted February 28, 2019 Posted February 28, 2019 We can definitely easily remove the netcore/2.0 part. The rest I would be concerned about breaking dlna features, so more investigation would be needed there before we could do that.
Guest Posted February 28, 2019 Posted February 28, 2019 Would be nice to improve that in further versions. Thanks.
Luke 42079 Posted March 1, 2019 Posted March 1, 2019 Thanks, for the next release the netcore/2.0 part will be removed.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now