For plex alone? No. No reason for just plex as you can simply use app.plex.tv to get to your plex instance.
And its already SSL protected
I just go to user.dynamicdns.we:port No need for reverse proxy, it's also one of exactly four open ports on my firewall (two VPN servers, and two Plex servers). Also, none of said ports are "standard" for the services provided.
My only externally accessible services are the Plex servers, and everything else is done via VPN for security.
Reverse proxy means only 80/443 need to be opened which are http and https
No need to remember ports and can also be protected by SSL and authentication
Is it so you don't have to open 32400 in your firewall?
Bingo
If you've properly configured your reverse proxy, you will only have to open port 80 and 443 on your firewall. It is more secure because it doesn't reveal what service is behind the subdomain by virtue of what port it's on.
Also yes, you can get an SSL cert for it.
It is more secure because it doesn't reveal what service is behind the subdomain by virtue of what port it's on.
This isn't really a security benefit at all. The banner is going to reveal that anyway - go search for Plex on Shodan. It doesn't matter what port it's on, especially given that Plex is running a webserver anyway. Being on 80/443 are going to be getting scraped for HTTP traffic by default, which will immediately reveal what's going on.
Reverse proxying in this case is simply for convenience. If you want to not have to add :32400 or your ISP is blocking high ports for uncommon services, etc.
For plex alone? No. No reason for just plex as you can simply use app.plex.tv to get to your plex instance.
And its already SSL protected
I just go to user.dynamicdns.we:port No need for reverse proxy, it's also one of exactly four open ports on my firewall (two VPN servers, and two Plex servers). Also, none of said ports are "standard" for the services provided.
My only externally accessible services are the Plex servers, and everything else is done via VPN for security.
Reverse proxy means only 80/443 need to be opened which are http and https
No need to remember ports and can also be protected by SSL and authentication
More replies
Bingo
If you've properly configured your reverse proxy, you will only have to open port 80 and 443 on your firewall. It is more secure because it doesn't reveal what service is behind the subdomain by virtue of what port it's on.
Also yes, you can get an SSL cert for it.
This isn't really a security benefit at all. The banner is going to reveal that anyway - go search for Plex on Shodan. It doesn't matter what port it's on, especially given that Plex is running a webserver anyway. Being on 80/443 are going to be getting scraped for HTTP traffic by default, which will immediately reveal what's going on.
Reverse proxying in this case is simply for convenience. If you want to not have to add :32400 or your ISP is blocking high ports for uncommon services, etc.
More replies
So that doesn't answer the final question.
Is it worth the hassle to set it up?
I mean I've read so many issues on setting this up if that is the ONLY reason to do this.
I generally don't see that much of an advantage.
The cons seem to outweigh the Pros
More replies More replies