Cloudflare, Jellyfin, and Nginx Reverse Proxy

I’ve setup a subdomain using Cloudflare DNS (orange cloud) to mask the IP address of my host. Lets call it media.mydomain.com. I’ve got a Cloudflare rule in place that redirects that subdomain to my root domain (mydomain.com) on port 8443, that also uses Cloudflare DNS. My local Jellyfin media server that it points to is listening on port 8443 for encrypted traffic using a Cloudflare certificate. The purpose of this setup is to allow me to access my media server securely when I’m travelling. I do want to make it as secure as reasonably possible.

What I’m trying to decide is whether or not to install an Nginx reverse proxy on my media server as so many others seem too have done. Would this actually improve security in my case? I’m trying to figure out how it would. Any input would be appreciated.

Unless you want to use Nginx to perform manipulations on the request/response, I think it looks redundant to me.

Since you mentioned “media server”, I want you to aware of TOS 2.8.

Well shoot. No I wasn’t aware of that. I’ve been using it primarily for audio books. I’m guessing that would fall under that section as well. I guess I need to look into a paid service then. Thanks for the info.

1 Like

One quick follow up question. What if I kept the same setup but forwarded the service to a port not used by Clouldflare, like say port 9000 or something. Would that allow me to keep the DNS and firewall protection without violating TOS 2.8 or am I wrong?

Port 9000 is not a port supported by Cloudflare, so you need to disable proxy for the subdomain. In this case, the DNS will resolve the subdomain to your origin IP address directly, so Cloudflare firewall will no longer apply to the traffic.

Since the traffic is not routed to Cloudflare, so you are not subject to TOS 2.8.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.