Genialist Media Server

Support / Documentation / Security

How to configure accounts, check the log files, secure access...

Contents

User Accounts

Access to the server is restricted by user accounts. Everybody must login with a username and password.

You can configure some users so they do not need any password to login, for example guests or children.

In such case, ensure those accounts do not have the Administrator Role selected (see below).

To view all existing accounts, go to the "Server Settings" page and click on the "Users" button:

You can click on one user's Name to go to his/her page and configure the account and "Parental Controls".

Back to top

Administrator Role

User accounts who have the Administrator Role option selected can:
  • Manage the server,
  • Import or move medias,
  • Change anything on any user.
  • Disconnect users.
User accounts who do not have the Administrator Role option selected:
  • Can read and view medias.
  • Can create and update their own playlists.
  • Cannot modify "Parental Controls" on their accounts.
Back to top

Log Files

You can view all activity of the server in the log file:
c: / users / <your-windows-account> / AppData / Local / pFramework / logs / pMediaLibraryHTTPViewer.log
You can view all requests made to the HTTP and HTTPS ports of the server in the log file:
c: / users / <your-windows-account> / AppData / Local / pFramework / logs / pMediaLibraryHTTPViewer-access.log
The format of each line is
<date> <time> <connection-id> <client-address> <method> <url> <response-code>
where
  • <connection-id> is the connection number. It increases as clients open new connections.
  • <client-address> is the IP address of the client.
  • <method> is the HTTP method, like GET, POST, HEAD, etc...
  • <response-code> is the HTTP response code sent back to the client (200: OK, 404: Not Found, 403: Forbidden, etc...).
For example: 
2017-10-02 22:42:21.997 52 0:0:0:0:0:0:0:1 GET /rose/822f10c3-d764-4a7d-a34a-0e0db3fee31b/resources//artwork/pictures.medias/2/2254.jpg 404
2017-10-02 22:42:24.789 49 0:0:0:0:0:0:0:1 Connection closed by peer
2017-10-02 22:42:29.391 52 0:0:0:0:0:0:0:1 GET /rose/822f10c3-d764-4a7d-a34a-0e0db3fee31b/movies.movies/1407 200
2017-10-02 22:42:29.422 38 0:0:0:0:0:0:0:1 Connection closed by peer
2017-10-02 22:42:29.438 54 0:0:0:0:0:0:0:1 GET /rose/822f10c3-d764-4a7d-a34a-0e0db3fee31b/resources//poster/movies.movies/1/1407.jpg?v=48d10f21-654a-42d7-9ea6-fcf1ff9f8101 200
2017-10-02 22:42:29.438 52 0:0:0:0:0:0:0:1 GET /resources/html/js/hls.min.js 200
2017-10-02 22:42:29.547 51 0:0:0:0:0:0:0:1 GET /favicon.png 200
Back to top

HTTPS/SSL

By default the server listens to one non SSL port (14080) and one SSL port (14443).

On the SSL port, the server creates its own private and public key every time it starts and self-signs its public certificate.

To install your own private and public key pair, proceed as following:

  1. Connect as a user with the Administrator Role.
  2. Go to the "Server Settings" page and click on the "Configure..." button.
  3. In the "SSL Keystore" section, select the file which contains your key pair.
  4. Select the File Type/Format if required.
  5. Type the File/Keystore password and Key/Alias password if required.
  6. Restart the server.
Back to top

Disable Administrative Actions

In case you suspect somebody might modify your server or medias or users without due authorisation, you can disable any administrative action not coming from the machine where the server is running.

To do so, go to "Server Settings" and click on the "Configure..." button.

In the dialog box, select the "Security" tab and select the "Limit administration actions to localhost/loopback only":

The server does not need to be restarted.

Back to top
This site uses cookies from Google to deliver its services and to analyse traffic. Your IP address and user agent are shared with Google, together with performance and security metrics, to ensure quality of service, generate usage statistics and to detect and address abuse. Learn More OK