Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
However, this app is able to authenticate and control qBit regardless of the webui username and password supplied; all it needs is the URL (qbittorrent.example.com) and it has full access. This is a huge security concern as this is a public facing service, and anyone with this url would be able to interact with my qBit instance, regardless of the fact that I'm protecting it with an authentication system.
I have a reverse proxy that points to the qBittorrent webui via a subdomain (qbittorrent.example.com, handled by a webserver not qBit). I'm using an app that takes this URL plus the webui credentials to interact with the qBittorrent API, so I can manage my torrents and media library all via this single app (nzb360).