- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure.
You must log in or # to comment.
Plex: requires external account to use their self hosted software.
Also Plex: oops lol
Jellyfin looks better to people by the hour.
I’m no Plex fanboy but from what I’ve read Jellyfin auth leaves a lot to be desired from a security standpoint, particularly if you are opening it to the web. And chances are if your jellyfin server was breached, you wouldn’t get an email about it.
It’s simple, don’t open it to the web directly.
If you have the ability to make your server public you also have the ability to put Wireguard on it, and after initial setup it’s trivial to use it.
You shouldn’t really host publicly any service that you won’t be monitoring regularly for security incidents.
But I like sharing my plex library with people.
Jellyfin’s gonna be a bigger project than I thought I guess.
This is why I’m still on Plex. I would love Jellyfin to make that easy somehow but I get it.
That’s why I mentioned Wireguard is trivial. :)
On Android I can have the VPN active basically 24/7, it’s basically transparent in daily usage.
That does not fit my use case.
Or don’t open it to the web at all and just use it as a local streaming platform in your home.
Until you try to share your library with someone and have to parse terms like reverse proxy or figure out how your mom can install a vpn on her Roku
If you can set up Jellyfin, you can set up a reverse proxy using Caddy. It’s dead easy.
And you also need a public domain. So I have to register, pay for, and configure that as well.
Recognize that we’re on like step 7 of “just use Jellyfin instead of Plex”
Why would you need a public domain? You should be able to use your IP address.
Or traefik
It amazes me how many people jump immediately to Jellyfin and A. Skip over Emby and B. Never ask what someone’s use case it.
I’m less fussed about a data breach that might require a password change than I am that 3rd parties have access to internal databases. Play history and library contents could be a lot of trouble for folks if that data is ever breached (assuming it is even kept by PleX which I hope it isn’t).
I really don’t understand all the hate. It’s like this weird echo chamber where everybody’s like fuck it I’m gone! Like you’re all just waiting for a fucking reason to switch if you want to switch switch. Personally for people like me without the time or inclination Plex is a fucking godsend. So I have to change my password big deal.
I just need Plex to survive until I can replace it with Jellyfin.
jellyfin exists.
So does Emby.
It’s unfurtunate that Jellifin or Emby is not available on as much smart TV platforms as Plex. I tried Emby years ago and it was close to Plex ease of use, but it was still fairly new and not quite there and hopefully a lot better now.
When this happens, I always forget to change the password through the server/localhost URL. Always gets confusing when I don’t.
Just deleted my account.
What are you using in its place?
Jellyfin isn’t any better once you share off your own network.
Should’ve done that. Their password reset link did not work, had to sign in and find the password change settings myself. And now they require special character / caps / etc.
Still gonna use plex. Still gonna lol at jellyplebs.
