I think you’re right to be concerned if the username in the alert was yours.
I don’t believe it’s possible to see previously cleared iOS notifications.
Have you changed your Plex account password? You should do so, and choose the option to sign out all previous devices.
just wanted to drop by and say we’re aware of this issue internally, we agree it’s not desirable, and are taking steps to address it.
That is bad
And here I was, just about ready to make the big jump over to Plex from Emby until I nearly had heart attack after discovering what my login page looks like to unauthorized users. I had to triple check using different devices and networks to believe what I was seeing before pulling the plug. However, I am glad to find out that the matter is being addressed and it looks like I will be moving forward with the migration after all.
Keep up the great work! 
(By the way, I don’t ever get involved on public forums and haven’t for the past 15 years, but after the emotional rollercoaster of this thread, your comment at the end brought a tear of joy to my eyes)
I just upgraded my plex server and browsed to it only to find my own content is hidden behind Plex’s VOD free-to-view iffy movies. Not impressed. On my own network I do not require auth to hit plex because all my browsers auto-forget cookies etc as I got fed up with all the across-internet tracking that goes on so wanted a bit of privacy so the browsers are set to block trackers and flush cookies when closed. Sadly this now means connecting to plex via web browser on my own internal LAN needs a few extra steps and I get reminded Plex thinks their iffy movies are more important than my now-hidden and unpinned chosen content – on my own LAN and my own server.
I am however amazed to come here and find out that not only is this happening to everyone, but if someone finds my plex server on the internet (on a custom port so should be OK) they’ll see all the iffy movies as being served from my domain. I hope this gets fixed very quickly and maybe big changes like this get thought through a bit more and we get given choices! We do still deserve to have choices, I know Google don’t think so these days but it would be nice to get some control.
Thank you for your support on this, Elan. Really appreciate it and the sensible approach you and the team have taken.
Is your steps to address this going back to how it was before or something else ?
Also, what timeline is your team working to ? Days, weeks, months or years ?
bundled web app won’t show the content. should be in an upcoming server release.
Thank you.
There have been 3 release since the info that it will be in an upcoming server release, any idea when this change will make it in?
it’s in the pipeline.
Jeez, this is a terrible decision by whoever made it. And I also still don’t get the logic, it makes absolutely zero sense.
I utilise the feature that allows me to run Plex on my own domain via a reverse proxy ‘https://plex.domain.com’. I then also put that domain in the ‘Custom server access URLs’ field under the Network tab to allow clients to route to the server if using the apps. This is all a supported flow as I understand it.
I just happened to open my Plex URL in an incognito window and was very surprised to not have a login page, but be presented with the free Plex content. Come on lads, that’s simply not cool!
Re. the COVID thing and bringing more free content to the world, that literally makes absolutely no sense and makes you look, quite frankly, like idiots. That function can be served by app.plex.tv There is absolutely no valid reason at all why that needs to, or should be, presented from users servers URLs. At least make it a toggle in the server settings for us to decide (defaulted to off I might add, just in case the point isn’t clear enough)
Terrible idea.
What is the status elan?
still in the pipeline or in beta server, i’m not sure exactly where 
I stumbled upon this because I thought I had PMS configured incorrectly. As for another reason why I don’t want to be a mirror for app.plex.tv, random people visiting the web player do consume my bandwidth. I realize the videos are not streaming from my server, but the web player absolutely is. It may be minor, but it’s something.
The only thing I can think of to achieve what you would like to have is to put a web server or proxy or ??? in front of it that you would have to authenticate against before being given access to the Plex server.
I would recommend that they do access your content via the apps, web browsers are terrible media players which will put more strain on your server.
Many apps these days are quite literally browsers with different controls. I don’t know Plex apps are, but I’d be more surprised if they weren’t.
The only thing I can think of to achieve what you would like to have is to put a web server or proxy or ??? in front of it that you would have to authenticate against before being given access to the Plex server.
This would most likely break any authentication Plex uses in its apps.
To do this, the proxy in front of the plex server would need to whitelist IPs requiring any client to have a stable IP or dyndns solution. For mobile clients on cellular, they would be restricted to access via VPN on the same network as plex server where mobile users must connect to the VPN first before starting the plex app.
The reason to avoid password auth is as previously noted, it would break plex clients that do not expect a password protected proxy in front of a plex server.
It has been said already above, that the issue will be tackled with a server update.
