How is remote access protected?

I've searched, but can't find exactly what I'm looking for, so sorry if I missed it and am asking a dumb question..

Basically, I understand that to watch remotely, I am to forward port 8089 on my modem to my Channels DVR Server.. What I'm curious of, is whether there's any facility to password protect this once it's created, or if anyone scanning for this port would have full access to watch (and delete!) my content?

In the meantime, i've been using a wireguard VPN setup on my iphone to access, but I'd love to be able to try to connect a device that is not capable of supporting the wireguard from the outside, but I'm not sure it's safe to just open that port with no other access control.

Any help, even pointing to appropriate docs would be greatly appreciated!


It's 100% protected with authentication as well as SSL.

SSL encrypts the data being transmitted, but where's the authentication? I'm never asked for an ID or password when I connect to the channels server.

Your DVR server uses OAUTH tokens to authenticate based upon your Channels account.

OK.. I did temporarily forward the port to see that experience.. So, is the logic that because the port 8089 traffic is coming from a routable IP address, it's choosing to respond differently, or did this also happen when I first connected from my internal web browser the very first time? I guess what I'm asking is how the same port is responding differently to an external request vs. one from my local network. I'm probably being paranoid, but I just want to understand the risk/exposure.

Thanks for the support by the way.. it's working great for what it's worth.. All my concern is just about the security surrounding the external connection!

Locally there is no auth. But traffic from outside your network requires authentication.

OK.. so yes, it's making the decision by the fact that it's not in the same local network.. That makes sense, thanks. I do kind of wish it supported configurable user IDs so I could control (for example) who could delete content, vs. just watch, and also to not have to use the same account/password that has access to my credit card on the site to just view TV.. (ie: dont want to give the main password to the kids at college!) but that's beyond the scope of this specific question..

Thanks a lot for the quick info!