Firewall includes for Plex Media Server

Plex Media Server Remote Access
1

Seeing these IPs from Amazon AWS in my router log accessing my PMS:
204.236.133.68
3.131.209.36
54.167.31.60

I can block them via firewall but wanted to confirm they aren’t needed by Plex?

looking at inserting (ufw):
deny from 204.236.133.0/24
deny from 3.131.209.0/24
deny from 54.167.31.0/24

2

A portion of Plex.tv lives on AWS and is in a pool of IP addresses.

The only definitive ways to know are to:

  1. Look at the “MyPlex” addresses returned in your PMS Server logs
  2. Block and test.
3

thanks! was wondering if we could request the ranges of IPs that plex would be using. I already know which ones my remote clients use so having their ‘corporate’ ranges then I could put some solid rules in place. otherwise it’s just poking and hoping…

4

So it seems there’s no way to contact Plex support, so asking here. Whoever in Plex is responsible for Amazon aws will know the blocks or ranges of ips they’ve been allocated. Can they please publish them? In today’s world, having a port open to the world invites trouble.

5

The only OPEN port is the one you use for Remote Access.

The other Plex traffic to/from AWS are requests for data from your server and the replies (on that same outbound port) from the Plex servers.

If you have other inbound requests from AWS on the non-Remote Access port then those are not Plex and your firewall should be stopping them without any further consideration.

Again, there should be ONE and ONLY ONE open port. That open port is the port you use for Remote Access. Plex has no need of any other INBOUND ports.

I work for Plex so you’re indeed in contact with Plex support.

1 Like
6

What I’m asking for is the range of IPs that Amazon issued to plex. I work with many cloud providers and when you purchase services, they typically allocate or assign a block of IPs for those services or at least there is usually a specific range of IPs they typically operate with. Using that I and others, that are so inclined, can set up the firewall rules to allow only those ranges in.

7

Plex has multiple “MyPlex” regions around the world.
Every region of the world uses different AWS IPs.

You are missing my point.
The only IPs you need are those for your region / your service.
Those are listed in your server logs.
Those are the IPs your server reaches out to.

Publishing all the IPs Plex uses is a DDOS security risk.
I highly doubt any of the streaming services will tell you all their IPs either.

I cannot honor your request for disclosure

8

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.