I have been having issues with buffering on my server. I recently switched it to run over port 80, knowing that port is usually given priority by ISPs and all my buffering issues disappeared. Things run fantastic, however now I have a Plex login page on my IP address. How can I run it on port 80 but not allow everyone to see the login page?
You would have to completely disable all the built-in security. Doing so makes it possible for an irresponsible person to delete all your media.
Why would I have to disable the built in security? I just want to disable the landing page login so everyone that goes to my IP in a web browser doesnt see the login page
The landing page is hard coded. The only way to disable it is to turn off the security.
So you are saying that if I were running it on port 32400 and went to myip.com:32400 it would show the landing page?
Yes. You will have one of two scenarios based on how you hit it.
- The raw XML you otherwise get opening http://host:32400 showing credentials
- The full Plex/Web menu.
There will be no sense of ‘admin’ vs ‘user’. Settings - Server will be there and accessible to all.
You understand I am seeing the login page outside of my local network right?
Correct. This is by design.
Isn’t this a security concern as most people run on the default port and if any vulnerability was introduced, they could see exactly what you are running by doing a port scan on that port? The remote client should be able to communicate with the server without having to have a front facing page.
- The login page has multiple levels it must go through after a username/password are supplied. It’s not like “just logging into the computer”.
- PMS’s LAN port is fixed (32400) but it may be published / redirected from any external port you choose from 1025 - 65535 (less the obvious external reserved ports).
- Plex client apps communicate with the server using a proprietary protocol. Only web browsers need the Web page.
Hence why it is a good idea to enable the feature on your admin account (through plex.tv -> account settings) that only email are allowed as login name (and never use/present/etc that email in any Plex form or way, such as on these forums or such). With that feature enabled and in conjunction with a strong password lessens the threat level significantly.
