nate2404usa Posted September 7, 2020 Share Posted September 7, 2020 I am considering moving away from Qnap to a UnRaid server. This will be for Plex server and photo and music storage. Here is my questions. Is there a way to secure it from internet threat's as Plex is shared within and out of my Lan? I ask this because alot of other forums in large print say to not open UnRaid to the outside world. Is there a way to run make Make MKV and Handbrake on it to rip and convert my media that has not been ripped yet? Will the cache drive work both ways increase send and receive speeds? Quote Link to comment
trurl Posted September 7, 2020 Share Posted September 7, 2020 6 hours ago, nate2404usa said: Is there a way to secure it from internet Don't put it on the internet. If you need remote access Wireguard VPN is builtin. 6 hours ago, nate2404usa said: Will the cache drive work both ways increase send and receive speeds? Depends on each user shares settings for how it uses cache. Anything that is configured to stay on cache will get the speed of cache for writing or reading. Anything that is configured to get moved to the array will get cache speed for writing, and will only get cache speed for reading until it gets moved to the array. Quote Link to comment
Energen Posted September 7, 2020 Share Posted September 7, 2020 . Is there a way to run make Make MKV and Handbrake on it to rip and convert my media that has not been ripped yet? The bit about exposing unraid is unraid itself, as in the webui. Exposing a Plex docker is not the concern. Anything "server" like on unraid obviously has to be exposed to the internet.There is a handbrake docker to use, works good. As well as some other media conversion Dockers. Make mkv I believe I have seen.Sent from my SM-G981U1 using Tapatalk Quote Link to comment
JustOverride Posted September 8, 2020 Share Posted September 8, 2020 3 hours ago, trurl said: Don't put it on the internet. If you need remote access Wireguard VPN is builtin. Just wondering, does this mean that having Plex running as 'host' and opening up that IP (which would be the same as UNRAID), and thet port for plex would also open UNRAID as well to the internet? Or am I OK with the way I've done it? Quote Link to comment
trurl Posted September 8, 2020 Share Posted September 8, 2020 16 hours ago, Energen said: Exposing a Plex docker is not the concern. Anything "server" like on unraid obviously has to be exposed to the internet. this^ Quote Link to comment
ertman Posted January 14, 2021 Share Posted January 14, 2021 On 9/8/2020 at 11:09 AM, trurl said: this^ Hi. I am in a similar boat, and I can see that the quote likely answers the question I am going to ask, but since I am considering the move to unraid, I think I would like the reassurance just to put my anxiety at ease as I have come across the security concerns more recently. For example in the unpaid wiki it tells you not to have it connected directly to the internet. “Unraid servers are not hardened against attack via the network so should NEVER be exposed directly to the internet.”. I plan on using Unraid for personal file storage and media streaming. I also plan on having Plex installed in a docker and a Windows/Linux VM for some smaller tasks when necessary. Maybe at some point a security camera system, although I might just make a separate system for that. I do not plan on having remote access, but if I were access it remotely, i gather that it would be through a VPN tunnelling to the server. Because of plex and the VM needing access to the internet, is this something that should be a concern of mine, or is there any other concerns I should have? Thank you for your time. Quote Link to comment
ChatNoir Posted January 14, 2021 Share Posted January 14, 2021 Hi, The Unraid parts of the system are not hardened as stated. This means that you shall not expose any administration parts of Unraid or port 80 etc. to the Internet. However, the built-in Wireguard does allow a safe access from outside your local network. That being said, exposing specific ports dedicated to specific applications is totally OK. Most people have some parts of the server available on the internet, mostly media services, Nextcloud, or game servers for friends and/or children, ... The reserves that you mentioned from the wiki is there to make clear that the user needs to understand what he is exposing to the Internet. Once in a while a user comes to the forums wondering whys there are VMs or Docker he did not install or we see strange connections attempt from all over the world on the logs. This might be explained differently if it is not clear enough ? Quote Link to comment
itimpi Posted January 14, 2021 Share Posted January 14, 2021 37 minutes ago, ertman said: I do not plan on having remote access, but if I were access it remotely, i gather that it would be through a VPN tunnelling to the server. Because of plex and the VM needing access to the internet, is this something that should be a concern of mine, or is there any other concerns I should have The wiki is saying that is inbound connections to the server that you want to use a VPN for security. Unsecured inbound connections allow remote bad actors to get at your server in your case plex and the VM should only be making outbound connections so not the same security concerns. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.