this post was submitted on 16 Jun 2025
524 points (90.8% liked)

Selfhosted

46672 readers
921 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
CannaVet@lemmy.world
Loki@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
524
Plex has paywalled my server! (lemmy.giftedmc.com)
submitted 2 days ago by haui_lemmy@lemmy.giftedmc.com to c/selfhosted@lemmy.world
329 comments fedilink hide all child comments
 

I tried testing a movie from my home server in plex through firefox and repeatedly got this message, even after reloading.

I knew that they had paywalled the apps on mobile and streaming from outside the network but now they have also blocked watching your own movies through your own hardware.

I do get the point that making software should be able to sustain people but I dont see the move of plex as a fair thing to do. Yes, they have made great software but taking your home server hostage feels like the wrong move.

Even a pop up that says "we need you to donate please" would have been fine. make it pop up before every movie, play donation ads before any movie but straight up disabling the app is kinda cruel.

Anyway, i have switched to jellyfin and it is insanely good. please give it a try. you can run it alongside plex with not issues (at least i had none) and compare the two.

In any case, good luck. Let me know if you need help.

top 50 comments
sorted by: hot top controversial new old
[–] HiTekRedNek@lemmy.world 8 points 10 hours ago* (last edited 10 hours ago) (2 children)

As was stated on the first post you made about this, it's a dns or nat reflection issue.

Plex sees you accessing it through your external IP address, and not through your lan IP.

I had a similar problem, and had to roll back some nat changes I made, and now it's working fine again.

Meanwhile, free remote streaming works fine if you have a proper VPN setup. I just tested it, and was able to stream to my phone, through the Plex app, over my tailscale VPN, and I do not have Plex pass on the server or on my phone...

[–] jj4211@lemmy.world 5 points 7 hours ago (1 children)

This sounds like a whole lot of convoluted bullshit to use Plex locally and "looking local" through VPN solutions when you could just roll a Jellyfin instance and do things a more straightforward way..

[–] HiTekRedNek@lemmy.world 2 points 6 hours ago

Yeah, but my wife and kid also use it, and they're not going to be happy if I change things.

[–] haui_lemmy@lemmy.giftedmc.com 7 points 10 hours ago

I did not make a "first" or "second" post about this. This is it.

[–] DieserTypMatthias@lemmy.ml 31 points 1 day ago (2 children)

What about switching to Jellyfin?

[–] haui_lemmy@lemmy.giftedmc.com 16 points 1 day ago

Already done. Thanks for the suggestion though. :)

load more comments (1 replies)
[–] PhAzE@lemmy.ca 31 points 1 day ago (6 children)

Plex has pay walled FREE servers streaming to FREE clients only.

If you have a plex watch pass (for client) you're good and can stream from any server. If you have a plex pass (for server) any one can stream from your server. But you have to have one or the other.

[–] boonhet@sopuli.xyz 3 points 5 hours ago

Yes. But it used to be free to watch remotely. It's 99% your own hardware doing everything. Their services get used for discovery, not as proxies for the connection itself, AFAIK.

You already had to pay them to allow transcoding with your own GPU, etc.

Right now it's still not too bad, but just watch, enshittification will affect paid users too. For one, I expect the lifetime pass to go away, and go away retroactively eventually.

[–] HiTekRedNek@lemmy.world 4 points 10 hours ago (1 children)

And I just tested streaming from my free server to my free phone while said server is at my house, and my phone is with me at work.

Works fine over a VPN.

[–] PhAzE@lemmy.ca 4 points 9 hours ago

Yep, VPN will allow you to be on the same local network, and they're only pay walling remote play.

[–] MSids@lemmy.world 10 points 1 day ago (2 children)

For software I like made by people getting paid, I was happy to pay the one time fee. It's really good, secure, and downloads are fast now.

[–] JasSmith@sh.itjust.works 5 points 8 hours ago (1 children)

Ditto. There is a crowd on Lemmy who seem to get angry whenever people are happy to pay for software and I do not understand it. Surely we want developers to be paid for their hard work? Don't we want them to able to comfortably live?

[–] MSids@lemmy.world 3 points 7 hours ago

Agreed. I've stated it before in other threads, and I'll say it again here, but if they asked me in 5 years to pay another $89 or whatever in continuing support for a badge on my server I'd happily do it. Plex is really good. Great UI, great apps, great external enrichments like trailers/subtitles/ratings/actor info, and Plexamp is 9.5/10 for music.

Their biggest fault is how they communicated about the change for remote users. I did have a few family members get the email and ask if they were going to have to start paying monthly now, but they've never been on a free server. They should have stated more clearly than if you were on a Plex Pass server that no change is required.

[–] lepinkainen@lemmy.world 5 points 10 hours ago

Best 70-ish euro I spent over a decade ago

load more comments (2 replies)
[–] rumba@lemmy.zip 37 points 1 day ago (30 children)

It's pretty rare that a company starts taking away free features and doesn't end up fucking payers in the end.

The biggest bar to Jellyfin is TV clients, the second biggest is security.

TV clients can be fixed with a one-time purchase of a $20 android TV stick. If viewing your familys ARR content isn't worth $20 you probably don't need to do it anyway.

Security for remote streaming is a harder thing to handle. Most people are capable of port forwarding, But just hanging a smallish public project out there in the open is always a dicey proposition. It honestly needs real fail2ban, probably SSL, 2FA and password complexity requirements.

We could probably make a jellyfin helper container to handle some of this. Walk people through Let's Encrypt, dynDNS, port forwarding tests, add fail2ban with a firewall, maybe even slap suricata in it.

We need to convince the project to add 2FA and password complexity requirements.

I don't know guys what do you think is it crazy? does it make sense? Would anybody actually use it?

[–] chortle_tortle@mander.xyz 2 points 1 hour ago (2 children)

What are my realistic security concerns with a jellyfin server that I let friends and family watch while trying to minimize the troubleshooting and steps they need to take to get started?

[–] rumba@lemmy.zip 2 points 1 hour ago (1 children)

realistic security concerns

If you're running a binary installation of Jellyfin on your server and exposing it to the public internet, you can face significant risks:

  • Remote execution vulnerabilities might allow attackers to exploit bugs to run malicious code on your server.

  • Buffer overflows. Poorly handled data can let attackers manipulate memory, Bypass logins, touch things in the host that aren't meant to be twiddled with

  • Network exposure. If compromised, the server could become a launchpad for attacks on your network.

There might not be any vulnerabilities at this moment, but they might come in a future release. And we might not even know they exist. It's a small team of volunteers, and they'll do their best. This is just what is reasonably possible when installing the server as an application on your OS and exposing it to the Internet.

You can minimize risk with a safer setup, as someone else in the comments here mentioned (and I think they even linked to their setup)

Using a Docker container version of the app significantly reduces your attack surface. This isolates the app from your host system. If they get in, they only get into the container and whatever that container is allowed to do.

Mount your media files as read-only to prevent accidental modifications or potential malicious changes. Now that container can't do any real harm do your data.

Avoid making the container privileged. A privileged container can interact with the host system in risky ways.

Use reasonable unique usernames and passwords. If the container does manage to get compromised, they will likely be able to read usernames and passwords stored in the container.

Regularly update your container – Ensures you have the latest security patches.

Short of some massive Docker vulnerability, (which is on you to keep updated) the worst case should be public enumeration of your media, exposure of your JF users/passwords, and denial of service. Which IMO isn't very serious.

For even tighter access control, don't whitelist the entire world.

Whitelist specific IP addresses. Have users visit WhatIsMyIP to get their IP, then configure port forwarding to allow only trusted addresses. This allows the clients at their houses in without any serious hinderance, but would block them from accessing your media when they're not at their house.

If they're accessing you through a phone or PC, setup headscale or tailscale or any VPN and allow them to get to you through VPN

[–] chortle_tortle@mander.xyz 2 points 1 hour ago

Amazing info, thank you for the response!

[–] MintyFresh@lemmy.world 2 points 1 hour ago

I would be very interested in an answer to this as well. Also any how to guides that would be useful for a guy whose technical high-water mark was getting mint set up on my laptop.

[–] rollerbang@lemmy.world 19 points 1 day ago (5 children)

I access my stuff via VPN. As for sharing with others, I simply don't do that. VPN is still an option though. Or temporary client whitelisting, etc.

load more comments (5 replies)
load more comments (28 replies)
[–] fmstrat@lemmy.nowsci.com 35 points 1 day ago (33 children)

Old news, but time for Jellyfin. I made the switch a couple months ago. Some minor teething issues, but better, IMO, especially now as my family all have LDAP users and that just works.

[–] tuhriel@infosec.pub 1 points 5 hours ago

Give me a package that runs on my ds214play and I'll switch in a heartbeat

load more comments (32 replies)
load more comments
view more: next ›