

I find it hard to believe that there are bots scanning for jellyfin exploits, since as far as I’m aware, the exploit is for viewing content without auth. 99% of bots are scanning for old instances of wordpress or other outdated software to exploit.
If my content on Jellyfin was illegitimate, the person scanning for my files would have to prove that before they can sue, no? I don’t think this makes sense for anyone to do.
p.s. I won’t argue that YOU should setup software that you dont want to, just that this particular reason not to may be a bit farfetched.
Hm I don’t remember posting the comment you are replying to, to the one I replied to.
You are right, but I still argue that keeping Jellyfin up to date is fine, there’s no serious bugs (afaik) that will compromise your whole server for instance, so these bots have nothing valuable to exploit here.
When I say don’t post your instance url I was talking about normal people finding it to try streaming from it without auth, I think I was replying to someone else and though this was the same thread.