I was running Plex server 1.7.2 on ubuntu, and suddenly noticed a folder named “DRM was here” which was set up to scan /mnt and / and some other folders. And it was indexing the libs like crazy - which is how I noticed it.
I have now updated to 1.7.6 and reset my plex pw, enforcing re-logon. Anyone else seen this? Vulnerability in Plex or my account was hacked?
in 1.7.6, a previously silent ‘disable remote security’ option was completely removed to prevent this. That option was meant for older televisions which can’t use https on the LAN. 1.7.6 was the final step in securing both LAN and WAN.
Your steps to secure the account are correct.
I would like you to, as root, look at Preferences.xml specifically sudo grep disable Preferences.xml and see if it finds disableRemoteSecurity.
While you were resettting your password, did you disconnect all connected devices?
Hi,
The setting is not there as I completely re-installed plex. And when changing the pw I also disconnected all devices 
Guess I’m all good then.
