Hi Plex team.
I have my Plex server rather secured but would like to get from support what IP addresses Plex central servers use to communicate with my Plex server. I figure there are several services like scrapers, remote access, etc. that need to be open.
Once I get this information I can create an inbound rule on my firewall to allow those IP addresses and port through.
I guess forwarding all incoming traffic on Port 32400 to the IP of your PC isn’t sufficient?
@AmazingRando24 said:
I guess forwarding all incoming traffic on Port 32400 to the IP of your PC isn’t sufficient?
Not at all
I’m looking for Plex-owned server IPs that I can specifically allow, plus my Plex guest IP addresses. If you aren’t on that ACL you’re not getting in. I know they have a set of 54.x addresses but I think there is more, thus why I’m posting here. Would love to get an accurate response from the Plex team.
The problem you face in such an endeavor is the DNS entries versus the responding hosts.
Not knowing where you’re located means Plex and its hosting partners would have to disclose all the IP addresses in use. Even if you did disclose where you’re located, the disclosure will not happen. Such data is company confidential.
You can whitelist the DNS entries and be 95% accurate but that’s it. You will need to allow each person you share with access as well. You must also allow for their ISP issuing DHCP addresses (which can change as frequently as every 24 hours).
All the scrapers, etc. use outbound Query/Reply over the same connection to the DNS-published IP addresses. Any stateful firewall will guarantee nothing else sneaks in and spoofs a Plex.tv reply.
Respectfully, are you aware of the administrative workload you’re setting yourself up to do on a potentially daily basis?
Agree I will never be 100% safe but locking it down as best as you could is a good security principle. Public IP addresses aren’t that confidential. Routable IP addresses are in fact public and I could painstakingly watch this on the firewall over many many dreadful weeks.
Sounds like there is a public list of published domain / subdomain entries regarding Plex services & communication to my personal Plex server? I can work with that information.
My firewall setup is not your average bear.
I have a really nice pfSense box sitting as mine which also handles the PPPoE, live in a VERY hostile ISP service area, and I am a ‘hole in the internet’. I see the sweep attempts. I see the packets fall on the floor. If they don’t know I’m here, they will never be able to attack.
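The allowlist upkeep discussed in this thread (name-based entries whose addresses change, guests on DHCP), as an added example that is not part of any post and not Plex or pfSense code. It assumes each guest publishes a dynamic-DNS name; the host names, addresses and function names are hypothetical, and the sample data is constructed.

```python
import ipaddress
import socket

# Ranges that must never enter an internet-facing ACL, even if a DNS answer contains them.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample data: hypothetical names, documentation-range addresses.
SAMPLE_DNS = {
    "guest-a.example": {"203.0.113.25"},   # guest whose ISP issued a new address
    "guest-b.example": {"192.168.1.50"},   # misconfigured record pointing inside a LAN
    "service.example": {"198.51.100.7"},   # stands in for a published service name
}

def sample_resolver(host):
    """Offline stand-in for DNS; raises like socket.getaddrinfo on unknown names."""
    if host not in SAMPLE_DNS:
        raise socket.gaierror(f"no record for {host}")
    return SAMPLE_DNS[host]

def live_resolver(host):
    """Real lookup: the IPv4 addresses the name resolves to right now."""
    return {info[4][0] for info in socket.getaddrinfo(host, None, socket.AF_INET)}

def reconcile(current_acl, hosts, resolver=live_resolver):
    """Diff the firewall's current allowlist against fresh DNS answers."""
    wanted, rejected = set(), []
    for host in hosts:
        try:
            answers = resolver(host)
        except OSError:                      # gaierror is a subclass of OSError
            rejected.append((host, "unresolved"))
            continue
        for text in sorted(answers):
            addr = ipaddress.ip_address(text)
            if any(addr in net for net in NON_ROUTABLE):
                rejected.append((host, text))
            else:
                wanted.add(addr)
    current = {ipaddress.ip_address(a) for a in current_acl}
    # A name that stops resolving contributes nothing, so its old address is removed (fail closed).
    return {"add": [str(a) for a in sorted(wanted - current)],
            "remove": [str(a) for a in sorted(current - wanted)],
            "rejected": rejected}
```

The `add` and `remove` lists are what would be applied to the firewall's address table on each run; `rejected` is worth logging, since a name that suddenly resolves into private space or stops resolving is a change someone should look at.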