Serviio Console Access Restriction

How to protect serviio console external access on Synology.

I'm running latest Serviio on Synology DSM7.0.1 using Docker.

I have a domain name that I use to access the Synology. For the console I connect [domainname:23423/console]. This is apparently open to the world to access. I have a User account specified for Mediabrowser access that challenges the user with name and password.

Is there any way to restrict the console to a specified user name and password?

Thanks for any assistance.

[atc98092]

No, there is no authentication for the Serviio console. But it's not open to the world. It is open to your network, but unless you set up port forwarding to your console in your network firewall, it can't be reached from elsewhere. And of course MediaBrowser isn't available to the Internet side unless you also port forward it as well. So if port 23423 is not forwarded in your firewall, it's protected from the Internet at large.

I think not beeing able to restrict acess to the console with an extra login -regardless from whatever location- is a defect.
Any unauthenticated user from the local network is able to login to the serviio console and then is able to modify/grant/delete the rights for acessing a media Library.
You might say the home network is trusted, but then think of a scenario like this:
You have two video Libraries, one with general content the other filled with Porn.
Serviio can set a library to beeing acessible only for some users. You dont want your underage family members to get access to the over 18 content.
But as soon as anyone of the household has figured out the default Port the Admin interface listens to, he can give himself acess to the Porn library. Ok I can simply forbid him to do this again, but then problem has already happend.

Leaving the administration unsecured while making it possible to restrict content by the administration makes no sense unless you can secure the administration.

There is a simple workaround for this problem. You can use a firewall to block connections to port 23423 (http) and 23523 (https) for anyone but a designated IP you want to use for Managment. Playback is still possible because it uses other ports.
Qnap includes a firewall which is easy to manage. Windows also.
Other platform most likely also have a similar feature.
Still an authentication would be a good thing to have.