I got a Plex installation on a Windows 10 machine. Everything is ok. I opened the 32400 port to get remote access. But I’m somewhat worried about security aspects. So I decided to activate remote access only when I’m using Plex. I have a few questions thought:
-Is Plex not listening at anything remote when remote access port is deactivated ? I mean, can someone try to remotely attack on that 32400 port when Plex remote access is off ?
-Is it better to change this default 32400 port to something else ?
-Is there anything else that I can do to secure a bit more my installation with this 32400 port opened on my router ?
@Mambobuzzz said:
-Is Plex not listening at anything remote when remote access port is deactivated ? I mean, can someone try to remotely attack on that 32400 port when Plex remote access is off ?
If you are using port forwarding on your router, then the port will always be open even if you don’t specify it the PMS settings. So remote access won’t work when trying to go through plex.tv but you can manually enter your IP and port.
-Is it better to change this default 32400 port to something else ?
Yes
-Is there anything else that I can do to secure a bit more my installation with this 32400 port opened on my router ?
If you know you will only access your server from specific locations, you can whitelist those IPs in your router setting for the port forward so only connections from those IPs will work.
There is also an option in your plex user profile to only allow logging into Plex using your email address. This will prevent people from trying to get in using your username.
-OK, for sure port stays opened on the router. But in that case, does Plex still “ear” at remote connections ? I think if no application ears on a given port, even if opened on a router, no attack can be done here right ?
-Ok, I’ll change that port and check those settings in Plex.
You can buy a raspberry pi or better a banana pi and use it as a OpenVPN server alaways on. When you need to connect to plext, you first connect to your house with a OpenVPN client (with settings and keys of your VPN server) and than to Plex.
With a VPN connection, it is like you are in you LAN and it is very safe (you only need to keep open the OpenVPN port and nothing else).
-OK, for sure port stays opened on the router. But in that case, does Plex still “ear” at remote connections ? I think if no application ears on a given port, even if opened on a router, no attack can be done here right ?
Technically, it is your router that listens for the emote connection. PMS only cares about it’s internal port, which it always listens to assuming you’ve opened that port in your computer’s internal firewall.
so I had a try with one random port this weekend. 26518. But no luck. Configured it in Plex and on my router, but Plex stays unreachable for outer connexions. Reset it back to 32400 everything is ok.
Can you explain how you configured the router? Typically there is an external port, which is the one you choose, and an internal port, which must always be 32400.
Sorry for delay. Here is my configuration:
On Plex:
On my router:
Port is transfer to local IP Adress. Just like a do when using 32400. But with this one, it doesn’t work. I don’t get it !
Looks like your router doesn’t support using different internal and external ports. This is a limitation I have seen on some routers. In this case, you are stuck using port 32400.
