I have a Jellyfin instance on my local server which I forward to the public web via a cloudflare tunnel. I’m not sure how secure it is, and I keep getting random requests from all over the world. It’s my first experience maintaining something on a public domain so I may be worrying about something obvious, but some advice would still be appreciated.
What about mTLS? Since you are already on Cloudflare, you might consider their client cert feature, which blocks all incoming traffic without the cert. However, you do have to manage it and set it up on all your devices.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
What about mTLS? Since you are already on Cloudflare, you might consider their client cert feature, which blocks all incoming traffic without the cert. However, you do have to manage it and set it up on all your devices.