I have a server that is behind a Nginx server and Cloudflare. Now the server can be reached no problem at all, however, it does not appear that Alexa will work in this type of a setup as, for whatever the reason, I am unable to get the server to acknowledge that it is available for remote access. If I open up port 32400 and then test and succeed to get remote access, Alexa seems to work, but when I block it and try to use the proxy setup, it does not.
Is there a reason that my clients would be able to play media, but Alexa is not able to reach the server? Just in case it helps, the server does have “Custom server access URLs” filled out properly, and those addresses work just fine. Additionally, as mentioned, I have many clients, in multiple locations, that are able to reach the servers and play just fine.
Yes, on the server itself I have a letsencrypt SSL certificate, however, it is not configured in PMS. Is that needed as it is currently behind a Nginx proxy?
Update: I went ahead and set that up and will test it in a bit, however, I’m not sure how this would affect Alexa’s communication with the server as it is behind a Nginx proxy. To be sure we are on the same page, this is what I have set up.
I have Cloudflare pointing to my Plex server and said server is also running a Nginx instance that is properly proxying to the Plex service. Now, with only port 443 and 80 being exposed to the world, with port 32400 not being opened to the world, I can properly stream and play media on clients, however, Alexa does not seem to work. If I open port 32400 Alexa then works just fine.
At this point, https and http access are available and the SSL certificates seem to check out just fine at all levels.
Yet Another Update
I’ve come up with the idea of allowing Amazon through the firewall, however, and correct me if I’m wrong, would this not still result in the 32400 port being advertised as valid in the https://plex.tv/api/resources endpoint. If that is the case I would think this would be an issue as clients could potentially see this as a valid endpoint when it is not. If I have some more free time I may try this out and post how it goes.
