Back in Plex Media Server 1.29.2, we introduced some new behavior for macOS. This behavior is now being brought to Plex Media Server for Windows starting with version 1.32.2.
Servers will now, by default, need to be claimed (i.e. signed-in to a Plex account). Coinciding with this new requirement, we’re also making some changes to the process for claiming a server. Due to this, the old method of claiming a server will no longer work (simply opening the local, bundled Plex Web client will no longer give access to claim the server). We’ve simplified the process of claiming a server, as explained below.
Am I affected?
This security/claim change will apply to Plex Media Server on Windows (both 32-bit and 64-bit versions). This will continue rolling out to other platforms over time.
You will be affected and need to claim/sign-in the Plex Media Server if any of the following apply:
- It’s a new install (or a “reinstall” after a full data wipe) of Plex Media Server on a given machine
- Plex Media Server was claimed/signed-in at any time prior to installing v1.32.2 (or newer)
- Plex Media Server was claimed/signed-in after installing v1.32.2 (or newer) and then you unclaim/sign-out that server.
You will not be affected and may continue as you were nor need to do anything special when upgrading if:
- You have an existing installation that has never been claimed/signed-in.
Why are we doing this?
This change is intended to provide both security and user-experience benefits:
- The new claiming experience happens without having to load any third-party web pages, which avoids encouraging users to treat potentially-untrusted, insecure servers the same way they’d treat trusted Plex domains. This reduces phishing risks.
- The new claiming experience is generally much quicker and smoother for users.
- Previously, if a server became signed-out (whether due to intentional user action, a bug, or malicious attack), the server would default to an insecure state that was more vulnerable to certain classes of exploit. The new behavior ensures the Plex Media Server never enters an insecure state in this way.
- The old default requires a number of internal security mechanisms to behave in insecure ways by default, which can lead to security brittleness. Once it’s rolled out across all platforms, the new behavior will allow us to tighten internal infrastructure to be as secure as possible in all cases.
Does this mean I need to have an internet connection to set up a new server?
Yes. Your computer must be able to access our plex.tv services to claim the server. Once claimed, your server does not need constant internet access and will operate according to the current internet requirements as described on our support site .
How do I claim my server?
The process has been simplified. From the Windows system tray (that’s the group of icons shown on the bottom right of the screen ne to the clock), find and click on the Plex Media Server icon. You will be shown a menu of options. Select Open Plex.... (This is not a new option, it was already there.) When the server is unclaimed, this action will now open the default web browser and forward you to Plex.tv to sign into your Plex account. Signing into your Plex account in that browser window will then automatically claim your server and link it to that account.
If your server is not claimed and you explicitly want to not sign in/claim it, cancel this step.
What if the “Open Plex” button doesn’t claim the server or I can’t get to the UI to click it?
For problems and to accommodate headless environments, we have added an alternative claiming method. When Plex Media Server starts up, a file named Setup Plex.html will be created in the %LOCALAPPDATA%\Plex Media Server folder. Open this file with your web browser from any other computer on the same network and it will go through the same claim process outlined above.
What if I still don’t want to claim my server?
If you really, really, really don’t want to claim your server, you can remove this requirement for now. (It’s possible this exception may go away in the future, though.) This is done by adding an advanced server setting. See the Advanced, Hidden Server Settings article for more information about these types of settings.
- Parameter: enableLocalSecurity
- Type: True / False
- Description: Server must be claimed.
You will want to add this enableLocalSecurity key to the Plex Media Server registry entry with a value of False using the RegEdit application.
You may then need to restart Plex Media Server after making this change for it to take effect. With this setting in place, this new requirement will not apply to your server and none of the rules under the “Am I affected?” section will be applicable.
As noted earlier, this setting is temporary and may not work in the future.
