this post was submitted on 10 Apr 2026
103 points (97.2% liked)
Selfhosted
60409 readers
244 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil.
-
No spam.
-
Posts are to be related to self-hosting.
-
Don't duplicate the full text of your blog or readme if you're providing a link.
-
Submission headline should match the article title.
-
No trolling.
-
Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I’ve said this exact same thing in the past and got flamed for it. The “grandma factor” is a very real consideration. My grandma lives almost 5 hours away. I’m not going to walk my grandma through side-loading the Jellyfin app onto her TV, because no native app exists on its App Store. She won’t understand what a Developer Mode for her TV is, let alone how to enable it. And even if it had a native app, the moment she has to input a custom URL for my server, she’ll shut down and say it’s too hard. But she already has a Netflix account, and understands the concept behind a login page. So I can easily walk her through Plex’s sign-in.
It’s also hard to understate how bad some of the Jellyfin vulnerabilities are. They’re straight up “people can completely bypass the login page to stream media from your server” bad. Sure, it requires knowing the file path ahead of time. And that might be a level of security… Except for the fact that basically everyone uses the Trash Guides to set their *arr’s up, which means they all have the same file structure and automatic naming schemes. And the Jellyfin devs have stated that they likely won’t ever fix many of the biggest vulnerabilities, because it would require completely divesting from the Emby fork that the entire project is built on. Jellyfin is wonderful for LAN viewing. But holy shit please don’t expose it to the internet.
I do run Jellyfin too, it's pretty handy at getting metadata for stuff locally so I have something outside of Plex's internal databases.
And IIRC I have used Jellyfin in the past to watch some more esoteric stuff that Plex (and its official clients) couldn't play.
But there's no way in hell I'm opening it to the outside world.