…now I have port 32400 in the Firewall, just how secure is access to our Plex media servers?
Curiosity mainly: as I didn’t set a Plex User password in my NAS (it created that user itself)
and I presume that should you ever change that user password you would have to then change that in the client ends somewhere?
Now I’ve upgraded to Apple TV4 I seem to be using my own personal account details that are registered with plex.tv
is all media server access done via the plex.tv based accounts?
(clients goto plex.tv get authorized and then given the registered server details of that account)
whats stopping an individual accessing your media server via 32400 directly?
(and does that happen) with default users/passwords etc?
Any further tips to lock down access to your Plex server from the outside world appreciated (best practise)
TIA
@havinabubble said:
is all media server access done via the plex.tv based accounts?
(clients goto plex.tv get authorized and then given the registered server details of that account)
Yes.
whats stopping an individual accessing your media server via 32400 directly?
The need for a username/password combo.
Just use your web browser’s ‘private mode’ and access your external IP:portnumber with it. You will only see a web page requesting credentials.
(unless your plex server configuration was opened up by someone or by a stupidly pre-configured ‘containerized’ Plex install [FreeNAS, I’m looking at you!])
(and does that happen) with default users/passwords etc?
There is no default unsername/password in plex.
Any further tips to lock down access to your Plex server from the outside world appreciated (best practise)
Don’t try to use a custom domain name for your plex server. Especially by using a reverse proxy. I’m not saying it is inherently insecure, but you need a chock full of know-how to do it right and not open up additional security holes with in.
Never, ever share your plex account credentials with other users.
If you want to share your server, do it the right way.
You can change your plex.tv account password from time to time.
https://plex.tv/users/edit
Keep your plex server software up-to-date, so it gets the latest security fixes.
