I realize this might not be the best forum for this question, but I know a lot of people here probably use the PlexPy application in conjunction with their Plex installation.
I have recently begun seeing another User in PlexPy called Local. It has 15 different IP addresses associated with the user and appears to have accessed my server via several different devices (Chrome, Safari, Roku, Android, etc…).
I have a couple of users who I have setup with access to my server. They have Plex accounts that have been granted access as Friends. In addition, my kids were setup via Plex home accounts (I have removed these for the time being). I run my server off Freenas, so I have never played anything “locally” so I think I can rule that out.
Questions:
Have any of you run into this Local user in PlexPy before?
What steps should I take from the Plex perspective to better lock down access to my server?
@jjrjr1 When did you start seeing this activity? Mine first appeared in September, and activity has steadily increased since then. Sometimes a full movie/tv/song is played, but mostly just a few minutes here and there.
Hmmm.
I also noticed this user named “Local” a couple months ago as well.
In my PMS (On PlexPY) no activity is recorded at all.
Do not know where this user came from
LOL
So far no effect, but certainly is bizzare
I have seen similar reports when someone is playing that does not have direct access, and is using the plex relay function.
The now playing seems to indicate it is the local IP address playing the item.
I came across this link and it was helpful for locking down my server.
I performed the tests and I was able to connect without logging in via my external ip. This was due to disableRemoteSecurity=“1” in my Preferences.xml. I changed this to disableRemoteSecurity=“0” and restarted Plex. I’m no longer able to access Plex directly via my external IP without logging in.
I don’t know what impact this has on my original question, but I think it is something that might help others with a similar question.
Your issue was most likely the disableRemoteSecurity flag in your XML file. Someone came across your server on the internet and was able to stream from it without any authentication, thus showing up as “Local”.
Thanks
For me the DLNA answer might be it.
About a couple months ago I finally fixed the Broken DLNA after a Plex Update (No Help from any Plex Devs my posts were ignored)
In fact the fix was to Pre-Authenticate the DLNA device in the PMS setting for ip’s not requiring auth…
Although I never use DLNA, the time I fixed it might correspond to when this user showed up
I would change the default port also while you’re at it. If it’s still 32400, it would be easy to find by other people who scan for that port.
I change my default ports for every network piece of software. Like for VNC the default is 5900. There’s no way in hell I’d want someone trying to get in via VNC by port scanning me so I changed it to some crazy number no one will know.
