You shouldn't need to do anything too complex, create a proxy host with your domain, point it to https - local.ip.or.domain.for.plex - 32400
enable all the options, cache assets, block common exploits, websockets support, allow proxy protocol
On the SSL tab, select all the options and create a SSL cert.
Aaaand that's it, you don't need anything special for plex.
Make sure port 443 and 80 are forwarded to nginx proxy manager on your router.
In plex add the external domain to the custom server access URLs in the network settings.
You can at this point disable the port forward for plex on your router, any remote connections will go through your external domain then the reverse proxy to get to your server.
That reminds me, you need to have something that connects your domain to your external IP. I use cloudflare for my domain's DNS, so I use a script that updates the cloudflare DNS settings so that a subdomain points to my external IP.
I have done everything you said, i have a domain where it points to my external ip, well see if this works now.
I have my own domain and a static ip address.
My problem is now i cant connect to my plex outside my network, it says:
Its "Secure connections" setting may be set to disabled, or you may need to adjust some settings on your network
After i set plex as connect securely: Verify you have a network connection and that the server is online, or see our tips for further assistance.
Is this because i use plex.com and not my domain.plex ?
What about streaming via apple tv/nvidia box outside my network, will it work as it should?
It's not working from outside my local network, what am i missing?
Whats the benefit of using NPM and your own domain vs just using the remote access feature + port forward built into plex (honest question)?
Its beneficial if you have more than plex that requires external access, instead of creating port forward rules for each thing you can port forward to only the reverse proxy and let than handle the routing and security.
This way you can focus on hardening the reverse proxy, and also add other tools like IPS and IDS on the reverse proxy, instead of doing that for every service that needs external access. This is especially useful for folks running consumer grade network hardware and don't have extensive security features on the router.
In my case I have about 20 services that need access remotely, but I don't want to deal with setting up a VPN for those since family and friends access them too. For example I have a minecraft server, a matrix server, a password manager, and nextcloud.
There is a slight security benefit since the reverse proxy provides another layer and you don't have to port forward directly to the plex machine, but its not a huge benefit.
I wanted a more secure network, meaning that port 32400 is widely know for plex, and i wanted to try and hide that, so it would take an attacker longer time to see it since it is under my subdomain, i know its a bit security by obscurity, but if i learn something new after some help, it can only get better :)
I just set the domain in npm and have it point to plexServerIP:32400 Set the url within plex as the address that the plex servers will advertise to clients. That has worked great for me.
You didnt change the internal port in plex settings?
You shouldn't need to do anything too complex, create a proxy host with your domain, point it to https - local.ip.or.domain.for.plex - 32400
enable all the options, cache assets, block common exploits, websockets support, allow proxy protocol
On the SSL tab, select all the options and create a SSL cert.
Aaaand that's it, you don't need anything special for plex.
Make sure port 443 and 80 are forwarded to nginx proxy manager on your router.
In plex add the external domain to the custom server access URLs in the network settings.
You can at this point disable the port forward for plex on your router, any remote connections will go through your external domain then the reverse proxy to get to your server.
That reminds me, you need to have something that connects your domain to your external IP. I use cloudflare for my domain's DNS, so I use a script that updates the cloudflare DNS settings so that a subdomain points to my external IP.
I have done everything you said, i have a domain where it points to my external ip, well see if this works now.
I have my own domain and a static ip address.
My problem is now i cant connect to my plex outside my network, it says:
Its "Secure connections" setting may be set to disabled, or you may need to adjust some settings on your network
After i set plex as connect securely: Verify you have a network connection and that the server is online, or see our tips for further assistance.
Is this because i use plex.com and not my domain.plex ?
What about streaming via apple tv/nvidia box outside my network, will it work as it should?
It's not working from outside my local network, what am i missing?
What about my ports inside plex, keep them?:
Private internal.ip : 32400 Public: external.ip : 32400
More replies More replies
Whats the benefit of using NPM and your own domain vs just using the remote access feature + port forward built into plex (honest question)?
Its beneficial if you have more than plex that requires external access, instead of creating port forward rules for each thing you can port forward to only the reverse proxy and let than handle the routing and security.
This way you can focus on hardening the reverse proxy, and also add other tools like IPS and IDS on the reverse proxy, instead of doing that for every service that needs external access. This is especially useful for folks running consumer grade network hardware and don't have extensive security features on the router.
In my case I have about 20 services that need access remotely, but I don't want to deal with setting up a VPN for those since family and friends access them too. For example I have a minecraft server, a matrix server, a password manager, and nextcloud.
There is a slight security benefit since the reverse proxy provides another layer and you don't have to port forward directly to the plex machine, but its not a huge benefit.
More replies
So for what i have read, and my though was.
I wanted a more secure network, meaning that port 32400 is widely know for plex, and i wanted to try and hide that, so it would take an attacker longer time to see it since it is under my subdomain, i know its a bit security by obscurity, but if i learn something new after some help, it can only get better :)
More replies More replies
I just set the domain in npm and have it point to plexServerIP:32400 Set the url within plex as the address that the plex servers will advertise to clients. That has worked great for me.
You didnt change the internal port in plex settings?
More replies More replies