Ive got all the ARRs and have it to automate everything. I only have Deluge running through vpn as this is my download client. To my understanding is that the only thing the ARRs are doing is relaying plain text to the download client and the client does the downloading.
Im seeing mixed thoughts on this and im stuck in the middle. Should i set all the ARRs to run behind vpn or she’ll be alright ?
Thanks
I do the same, I know many people put their torrent requests through a proxy as well but I didn’t get that working properly so I did away with it.
I think you’re good with Deluge alone in my honest opinion, the acquisition of magnet links doesn’t break any laws… I’m talking about when obtaining perfectly legal content… ahem.
I have only qBittorrent through VPN with the binhex-qbittorrent image and everything else through clearnet (regular ISP traffic) - it’s never caused an issue.
The ARRs send downloads to qBT using magnet links so nothing is being “downloaded” over clearnet, it’s just shuttling a string of text, all downloading happens behind the VPN.
I’m sure there are plenty of people who will say it’s safer and more secure to route everything through VPN, but that makes intranet routing more complex and it’s just not worth the extra effort for me. I also have an ISP that’s pretty notorious for sending out DMCA notices and I have yet to receive a single one. Just my experience and 2 cents.
Sab for downloads. No torrents. Only leveraging Usenet. No vpn, only connecting via SSL port.
If you use prowlarr, then you only need to run that through your vpn. Any searches/requests your other *arr apps send will be routed through prowlarr and subsequently routed through your vpn.
Personally just torrent traffic. Evaluate your own risks. Visiting a torrent website isn’t against the law here in the US. The way people get busted here is from their IP being visible in a torrent swarm. They’re not getting that data from the tracker sites.
I run qbitorrent through VPN and all the arrs open. Been running that config for about 5 years and never had a problem. In the US on AT&T Internet.
While it is not necessary to route all *arr traffic through a VPN i still do following https://www.youtube.com/watch?v=znSu_FuKFW0 (adapt this to e.g. prowlarr and be sure to also follow the instructions in the top comment on that video)
prowlarr (or jackett, or similar) would be the most ‘at-risk’ arr programs, because they actually query torrent sites. They don’t download from them directly, so it shouldn’t be possible for data to leak from it, but it could mean that your ISP knows your network uses torrent hosting sites.
It doesn’t know what you do there, but it knows you go there. (reminder that torrenting is legal and these sites host some amount of legal content, nor proof that you even downloaded anything from them, so there’s no proof of copyright infringement on the basis alone of visiting these sites).
As far as other *arrs, they’re all fine. They just operate on the local network, aside from grabbing metadata information from TVDB or TMDB
My ARR’s, 2 SabNZB and self hosted spotweb run through a wireguard VPN (NordVPN) that runs on my pfSense. I can add more through the tunnel by adding the ip-addresses on a specific LAN firewall rule that points to NordVPN. Works like a charm.
Get full gigabit download…
Deluge and prowlarr should be in the VPN. Prowlarr looks up and connects with the site. If you use flaresolverr that should be attached too I think. Easy enough, you can forward all the traffic via a proxy in deluge. If it doesn’t show up in deluge rebuild it(I use binhex-delugevpn).
Or you could use “–net=container:” to forward all traffic through deluge.
I do prowlarr and flaresolverr due to being denied access to some indexers without the connection. seems cox blocks some sites automatically.
eh, I never put Arrs or anything through VPN. I put my download client on a Hetzner dedicated server in Germany (without VPN) and let my local Arrs grab that via an Rclone SFTP docker volume mount attached to the containers.
I use the privoxy that’s included with binhex’s qbittorrent image.
And since I use prowlarr, I added a tag for privoxy (just like you would for flaresolverr) and applied the tag to the indexers I want it for.
This way the magnet/torrent is effectively retrieved through the vpn you set up in the binhex container
i have my vpn and prowlaar & Jacket on VPN/WG only the rest don’t matter as they are pushing to “sites”
I’ve been going on 4 years without needing anything but my torrent client behind a VPN. Never have received a notice from my ISP.
I send all arr apps and tor clients through the VPN Client (Gluetun), including the indexer (Prowlarr).
I have my ARRs pointed at jackett, so running them thru the VPN is pretty pointless since all they would pull from the Internet is metadata. Jackett and qbittorent and solvarr go thru the VPN. If you don’t use jackett or a similar app, then yes ARRs should go thru VPN due to they are accessing sites that have no purpose except Linux iso download
I’m running the same way. Idk if anyone truly knows what the best practices are
The volume of traffic i pull through my isp is enormous.
I mean… I pull like 2TB/month and have still not had an issue. lol