I was pretty horrified to find that my entire plex library was wide open for all to see if you just browsed to http://:32400/web without any authentication. I’ve tried this on many connections, in incognito mode.
I have got 127.0.0.1/255.255.255.255 listed as the only entry in the Network->List of IP addresses and networks that are allowed without auth section, and just use the standard “Enable remote access” setting.
As things stand, until I can resolve this my server is off. If anyone is able to assist that would be much appreciated. If I can’t resolve this then I will have to cancel my plex pass and find a more secure platform.
For info I am running on Freenas, plex version 1.4.4.3495
##step 1:
take a deep breath!
##step 2:
do you have your server linked to your Plex account?
if so, access will require your credentials. If you had already logged in from a different client, Plex will remember that – unless you actively sign-out it won’t immediately ask to re-authenticate.
if you don’t feel sure about this… go to your server and check out Settings | Devices. Remove any device you don’t like and you’ll be required to authenticate again before being able to use Plex from that device again.
Hi Tom
I just gave that a try, removed my phone from the devices, cleared the cache on my phone and opened a new incognito window. I browse to the same address and my library is still fully accessible.
My server is linked to my plex account
Thanks
Update your server version!
