this post was submitted on 01 Apr 2026
706 points (99.0% liked)

Selfhosted

60587 readers
2110 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details. Tags [CBH] or [AIP] are required, see the links in Rule 8 for details.

  8. AI-related discussions and AI-involved promotional posts have additional requirements for tagging, as noted in Rule 7 and the AI & Promotional Post Expanded Rules post, and find example disclosures here.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] gigachad@piefed.social 7 points 3 months ago (2 children)

I depends a bit on your threat model. If you have Jellyfin exposed to the internet I would shut it down immediately. If you are running locally and rely on it, let it run maybe? If behind a tailnet or some other VPN, I would deactivate it as well. If it is an Axios like vulnerability it may be possible your secrets are in danger, dependent on how well they are secured. Not a security expert, but I would handle this a little more conservative...

[–] somehacker@lemmy.world 12 points 3 months ago (1 children)

No need to shut it down if it’s not exposed to the internet. Tailnet/VPN is fine.

If it’s a supply chain compromise shutting it down wouldn’t matter. The damage is already done.

[–] possiblylinux127@lemmy.zip 1 points 3 months ago (1 children)

I don't believe it a supply chain compromise

[–] somehacker@lemmy.world 1 points 3 months ago

Same. I was pointing out that if it was related to Axios then it’s already too late.

[–] roserose56@lemmy.zip 2 points 3 months ago

It's on my home, which is not 24/7 open. Will see check later.