emveepee 132 Posted March 28, 2021 Posted March 28, 2021 NextPVR 5.1.1 was released today and addresses security concerns using the live URLs which some Emby users could be using as m3u tuners. The default setting will mean that these URL's will fail unless users change Settings->Access to enable "Unauthenticated Access". As noted in NextPVR this setting is not recommended if the NextPVR server port is exposed to the Internet. Any questions on this should be posted on the NextPVR forum. Martin
Luke 42077 Posted March 28, 2021 Posted March 28, 2021 HI, thanks for the info. @cayars can update our next pvr m3u setup guide.
Carlo 4560 Posted March 28, 2021 Posted March 28, 2021 Thanks and our KB article on this has be modified to note this change that's needed.
emveepee 132 Posted March 31, 2021 Author Posted March 31, 2021 Note that this setting is required for recording in the NextPVR plugin too unless you use the option to use filenames and not streaming, typically only on localhost. I was hoping to provide a more secure solution. but unfortunately after repeated requests I didn't receive any developer support on this and it appears Emby has a requirement for fixed naming for recordings but there is not point storing tokens which will expire. This security concern exists in the previous versions of NextPVR too, there just was no way to mitigate it. Martin
Carlo 4560 Posted March 31, 2021 Posted March 31, 2021 Thanks for the heads up on that @emveepee. Likely not much of a security concern for those running Emby as NextPVR will likely only be streaming to Emby in most setups (but not always of course).
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now