Plex server security

MinimartMinimart Member Posts: 3

I have a Plex server running in my house set up to allow remote connections from outside my network. I get daily emails from Fing letting me know that I have 4 ports open via Upnp for my Plex server. Is this something I should be concerned about? And if so, what can I do about it? If it’s not a concern, how can I get Fing to stop warning about it but still warn me if I have a different vulnerability detected? Thanks in advance!

VioletChepil

Best Answers

  • PoohPooh Posts: 675 ✭✭✭✭✭
    Accepted Answer
    You talking about the open UDP ports?

    Opening up anything to the outside world is always a risk - the question is, how much of a risk. In this case the risk is, is there a vulnerability inside Plex that will allow someone to exploit the Plex server.

    TBH the risk is low, although it is certainly not non-existent. There are no known issues today, but who knows, there may be a zero-day found tomorrow.

    I'd be OK with it, but just aware. Keep an ear out for any known problems and, if you hear of any, shut Plex down until the issue has been resolved.
    People say nothing is impossible, but I do nothing every day.
    kltaylorMinimartYesVioletChepil
  • PoohPooh Posts: 675 ✭✭✭✭✭
    Accepted Answer

    @kltaylor Plex is a different beast. You don't connect to the server, you rather the mothership Plex connects to you.

    When you stream from your external Plex client then it reaches back to the server.

    The UPNP is really there to aid the end user and allow the router to handle to forwarding. It wasn't until I posted above that I remembered I'd removed the server from my MacBook and put it on my NAS, and havenot had UPNP enabled since then (if memory serves)

    People say nothing is impossible, but I do nothing every day.
    MinimartPlantuchaVioletChepil
  • PoohPooh Posts: 675 ✭✭✭✭✭
    Accepted Answer

    Any time you expose any ports to the outside world you're opening yourself up to risk. The best you can do is hope that there are no unknown exploits in the wild that target whatever application you have open.


    Keeping up with security issues on the software is always important, as is ensuring you're subscribed to any alert emails that may get released by Plex.


    You can also use this site to keep on top with any known CVE's: https://www.cvedetails.com/product/30425/Plex-Plex-Media-Server.html?vendor_id=14994

    People say nothing is impossible, but I do nothing every day.
    HronosMinimartSH4D0WZ0MB1E

Answers

  • kltaylorkltaylor Member, Beta Tester Posts: 570 ✭✭✭✭✭
    edited August 30
    Minimart said:

    I have a Plex server running in my house set up to allow remote connections from outside my network. I get daily emails from Fing letting me know that I have 4 ports open via Upnp for my Plex server. Is this something I should be concerned about? And if so, what can I do about it? If it’s not a concern, how can I get Fing to stop warning about it but still warn me if I have a different vulnerability detected? Thanks in advance!

    First, let's disable UPNP.
    If you have ports open for Plex, and that's the only resource that is using a port forward, then secure the other ports by removing Plug and Play.  Having an open port for that service isn't necessarily a bad thing, just ensure that you're using a stately and robust password to remotely connect to it (remote management).
    Another thing to consider; do you really remotely connect to the server to manage it?  What OS are you running this on?  If it's Microsoft-based ... please use AVS protection.  Sophos Home has an awesome product, I use it myself and it has been the only AVS software that I  purchase annually.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    MinimartVioletChepil
  • kltaylorkltaylor Member, Beta Tester Posts: 570 ✭✭✭✭✭
    Pooh said:

    @kltaylor Plex is a different beast. You don't connect to the server, you rather the mothership Plex connects to you.

    When you stream from your external Plex client then it reaches back to the server.

    The UPNP is really there to aid the end user and allow the router to handle to forwarding. It wasn't until I posted above that I remembered I'd removed the server from my MacBook and put it on my NAS, and havenot had UPNP enabled since then (if memory serves)

    I played with Plex quite a while ago, so this tidbit of information doesn't surprise me.
    I believe that the Synology NAS has a Plex application, maybe I should install and configure it to understand more about it.
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    VioletChepilGidster
  • SH4D0WZ0MB1ESH4D0WZ0MB1E Member, Beta Tester Posts: 2
    @Minimart : Hope you don't mind me jumping in on your topic.

    I just opened up my Plex server for remote access and have been wondering the same thing about security. Here's my situation. I have my Plex running on a Synology NAS. I recently opened it up to view movies from outside my home network. I manually assigned a port on my Plex server and enabled port forwarding for that specific port on my router. I believe I'm ok, since it's only port I've opened on my router is for my Plex server, but is there anything else I should look at to make sure I'm as secure as possible?
    VioletChepil
Sign In or Register to comment.