toomuchio/plex-nginx-reverseproxy

Cloudflare CDN works for regular HTTP traffic, will fix issues with some devices

natoriousbigg opened this issue · 6 comments

I just realized Cloudflare's CDN works for regular nonencrypted HTTP traffic as well. I added the reverse proxy on my server for port 80 and pointed the the same backend Plex port 127.0.0.1:32400. And changed secure connection preference in Plex from "Required" to "Preferred". Now devices that doesn't support SSL/HTTPS should work (such as LG WebOS TV). Might help fix the issue for PS4 as well #5.

I would also recommend using UFW to block all 80/443 traffic except those originating from CloudFlare:

#!/bin/bash
sudo apt-get --assume-yes install ufw
sudo ufw default deny incoming
sudo ufw allow ssh
for i in `curl https://www.cloudflare.com/ips-v4`; do sudo ufw allow from $i to any port www comment "cloudflare"; done
for i in `curl https://www.cloudflare.com/ips-v4`; do sudo ufw allow from $i to any port https comment "cloudflare"; done
for i in `curl https://www.cloudflare.com/ips-v6`; do sudo ufw allow from $i to any port www comment "cloudflare"; done
for i in `curl https://www.cloudflare.com/ips-v6`; do sudo ufw allow from $i to any port https comment "cloudflare"; done 
sudo ufw enable

I was forcing SSL mostly to gain HTTP2 performance, I wasn't aware so many clients didn't have support for SSL. I'll update the configuration and leave these commands in the readme this weekend. Thanks for this.

I don't know if it'll fix the PS4 issue, PS4 seems to be hard-coded to go over the default Plex port.

I don't have a PS4 to test either.

Done

When you say done, you mean fixed? How was it fixed... I still have an issue with PS4 not connecting.

That issue is still opened, it's an issue with plex not this proxy, they need to allow the plex client to connect to things that use non-standard plex ports. Open an issue with the plex team.
#5