Help me understand risks of exposing Janus to the internet

I noticed that the “easy” way of deploying webapp access (via reverse proxy) basically exposes the entire REST API to the internet. I am wondering if this is something people generally do, or if it is only intended for demos.

I am considering using the VideoRoom plugin for a simple private video conferencing service. I managed to modify the videoroom (multistream) demo to support pin access control to the room, but now I’m wondering if I have to manually secure each plugin.

I did scan the FAQ and list of presentations, but didn’t find the right documentation / hints.

Janus has a basic auth mechanism, but what most (us included) do is implement wrappers/intermediaries, as in a server from where you send Janus API requests, and expose a custom API to clients. This allows you to use Janus as a media server you control yourself, thus limiting what people can do to what you expose. There are a few libraries in different languages; we personally use our own Janode, which is a Node.js SDK.
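
The wrapper pattern described in the reply above, as an added example that is not part of the thread and is not Janode code: a server-side translator that accepts a small client API and emits Janus VideoRoom messages, so the room PIN and the Janus API secret stay on the server. The `CONFIG` values, the `user` object (assumed to come from your own login/session layer) and the client message shape are constructed for illustration.

```javascript
// Constructed server-side configuration: none of this is ever sent to the browser.
const CONFIG = {
  apiSecret: 'constructed-api-secret',          // value of api_secret in the Janus config
  rooms: { 1234: { pin: 'constructed-pin' } },  // VideoRoom PINs per room id
};

let counter = 0;
const nextTransaction = () => `tx-${++counter}`; // Janus echoes this back to match replies

// The only actions a client may request. Anything not listed here (create,
// destroy, list, kick, ...) cannot reach Janus through this intermediary.
const ACTIONS = {
  join(user, msg) {
    const room = Number(msg.room);
    if (!Number.isInteger(room) || !Object.hasOwn(CONFIG.rooms, room)) {
      throw new Error('unknown room');
    }
    if (!user.rooms.includes(room)) throw new Error('forbidden');
    // PIN is injected here; display name comes from the authenticated account,
    // so client-supplied "pin" or "display" fields are ignored.
    return { request: 'join', ptype: 'publisher', room,
             pin: CONFIG.rooms[room].pin, display: user.name };
  },
  leave() {
    return { request: 'leave' };
  },
};

// Translate one client message into the envelope the server would POST to
// /janus/<session>/<handle> (session and handle ids are tracked server-side).
function toJanusRequest(user, msg) {
  // hasOwn avoids matching inherited keys such as "constructor".
  if (!msg || !Object.hasOwn(ACTIONS, msg.action)) {
    throw new Error('unsupported action');
  }
  return {
    janus: 'message',
    transaction: nextTransaction(),
    apisecret: CONFIG.apiSecret,
    body: ACTIONS[msg.action](user, msg),
  };
}
```

With this in place the Janus HTTP/WebSocket API only needs to be reachable from the intermediary, while the WebRTC media ports still have to be reachable by clients.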