Making Rdio-Scanner more secure?

saioke · 2025-12-02T02:49:37-0600

I run a rdio-scanner for myself and my brother currently and I've noticed an IP address connecting and listening that isn't myself or my brother and I know he didn't give my IP to anyone else. So I'm wondering, just how secure Rdio-Scanner is? I have port 3000 open on my system and nothing else. I don't need to worry about someone getting into my system and destroying it, right? And if so, what can I do to further protect myself?

I would be open to letting more people access the server but I want to iron this out first.

Enjoi19 · 2025-12-02T03:56:12-0600

Using a Cloudflare Tunnel is a much more secure option over opening up ports on your router. Gives you their protection, costs nothing to run a small site with it. Also would be less likely to trigger your ISP.

I also use access codes on Rdio to avoid any potential use of anyone I don’t want on it.

saioke · 2025-12-02T04:29:04-0600

Enjoi19 said:
Using a Cloudflare Tunnel is a much more secure option over opening up ports on your router. Gives you their protection, costs nothing to run a small site with it. Also would be less likely to trigger your ISP.

I also use access codes on Rdio to avoid any potential use of anyone I don’t want on it.

Hmm, never heard of running a cloudflare tunnel, I'll look into it, thanks! But it sounds like cloudflare just acts as a subdomain, so if someone has your IP, wouldn't that mean someone can still just bypass cloudflare by using your IP instead of the subdomain that cloudflare gives you?

I've seen access codes are an option. Honestly, I don't mind if someone's listening. I just have an issue with say, a hacker getting in through the server and accessing my PC entirely, or somehow adding a virus, etc. Access code wouldn't prevent that, would it?

mtindor · 2025-12-02T06:55:22-0600

saioke said:
Hmm, never heard of running a cloudflare tunnel, I'll look into it, thanks! But it sounds like cloudflare just acts as a subdomain, so if someone has your IP, wouldn't that mean someone can still just bypass cloudflare by using your IP instead of the subdomain that cloudflare gives you?

I've seen access codes are an option. Honestly, I don't mind if someone's listening. I just have an issue with say, a hacker getting in through the server and accessing my PC entirely, or somehow adding a virus, etc. Access code wouldn't prevent that, would it?

If your port 3000 is open to the world, certainly at some point there will be bots and stuff hitting it and showing up -- and not necessarily real users.

As mentioned, use access codes to limit access. And I agree about using a Cloudflare tunnel as well. You're port 3000 doesn't need to be exposed to the world with a CF tunnel. The CF tunnel will listen on 3000 at CF.

Of course you'd have to have some sort of domain to use a CF tunnel.

saioke · 2025-12-02T08:17:02-0600

mtindor said:
If your port 3000 is open to the world, certainly at some point there will be bots and stuff hitting it and showing up -- and not necessarily real users.

As mentioned, use access codes to limit access. And I agree about using a Cloudflare tunnel as well. You're port 3000 doesn't need to be exposed to the world with a CF tunnel. The CF tunnel will listen on 3000 at CF.

Of course you'd have to have some sort of domain to use a CF tunnel.

Oh wow, sounds like the tunnel is the best approach! I personally wouldn't want to charge anyone for access but, If you require a domain, I now get why some folks choose to require a payment/subscription in order to access their rdio server. I guess I'll hunt for maybe one of those $1-5 a year generic domains. However, I did find this - Cloudflare Quick Tunnels. Supposedly provides you with a domain/url and the limitations for making a quick tunnel just state that you can't have more than 200 in-flight requests, concurrent maybe? That would work for a small server, wouldn't it? Although I'm sure the URL would likely change if I need to restart the system or the network crashes.

mtindor · 2025-12-02T08:20:33-0600

saioke said:
Oh wow, sounds like the tunnel is the best approach! I personally wouldn't want to charge anyone for access but, If you require a domain, I now get why some folks choose to require a payment/subscription in order to access their rdio server. I guess I'll hunt for maybe one of those $1-5 a year generic domains. However, I did find this - Cloudflare Quick Tunnels. Supposedly provides you with a domain/url and the limitations for making a quick tunnel just state that you can't have more than 200 in-flight requests, concurrent maybe? That would work for a small server, wouldn't it? Although I'm sure the URL would likely change if I need to restart the system or the network crashes.

200 should be plenty. I have given my URL out to a few people. My buddy has given his out to just about anybody. Don't think I've ever seen more than 10-15 connections at a time on either one.

saioke · 2025-12-02T08:24:59-0600

Thanks for the help, I appreciate it! Think I'll test the quick tunnel out and see if it's an annoyance if the URL changes, if it does I'll look into getting a cheap domain.

N1FKO · 2025-12-02T09:16:11-0600

saioke said:
I've seen access codes are an option. Honestly, I don't mind if someone's listening. I just have an issue with say, a hacker getting in through the server and accessing my PC entirely, or somehow adding a virus, etc. Access code wouldn't prevent that, would it?

While Cloudflare does offer certain kinds of protection, whether tunneled or not you are exposing rdio-scanner to the outside. If there's a flaw a tunnel will not fix that. An access code would act as a deterrent and first line of defense.

Making Rdio-Scanner more secure?

saioke

Member

Enjoi19

Active Member

saioke

Member

mtindor

FMP24 PRO USER

saioke

Member

mtindor

FMP24 PRO USER

saioke

Member

N1FKO

Member

Similar threads