57·
2 days agoIt’s MS trying to not have another meltdown like CrowdStrike. They tried to do it with Vista, and they pussied out when all the same fucks cried out ‘but we can’t fuck with the OS like a bent-over ho’, and so MS let it slide in the ‘eventually’ to-do bin until it was demonstratably their fault for not clamping down on kernel access.
Also lol “willing to follow”, as I understand it MS isn’t giving them an option or opinion this time around. Gtfo of the kernel or your shit will stop working. I think the deadline is 2026, but it’s been a while since this was all announced.
This isn’t a guide, but any reverse proxy allows you to limit open ports on your network (router) by using subdomains (thisPart.website.com) to route connections to an internal port.
So you setup a rev proxy for jellyfin.website.com that points to the port that jf wants to use. So when someone connects to the subdomain, the reverse proxy is hit, and it reads your configuration for that subdomain, and since it’s now connected to your internal network (via the proxy) it is routed to the port, and jf “just works”.
There’s an ssl cert involved but that’s the basic understanding. Then you can add Some Other Services at whatever.website.com and rinse and repeat. Now you can host multiple services, without exposing the open ports directly, and it’s easy for users as there is nothing “confusing” like port numbers, IP addresses, etc.