this post was submitted on 15 Aug 2025
66 points (91.2% liked)

Selfhosted

50554 readers
513 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability.

The company has yet to assign a CVE-ID to track the flaw and didn't provide additional details regarding the patch, only saying that it impacts Plex Media Server versions 1.41.7.x to 1.42.0.x.

you are viewing a single comment's thread
view the rest of the comments
[–] rumba@lemmy.zip 1 points 1 day ago (1 children)

I'll go look at it again as well, their (jf) source control still had a lot of ancient open tickets last time I looked at it.

TLS for Plex was a really nice guesture. Company handling the issuing of the cert was pretty nice.

Realistically, I don't mind running a proxy for SSL unwrapping, there are enough projects out there that handle the unwrapping and renew their own keys from lets encrypt.

I just want to self-host this thing maybe run it through a single proxy product send the URL out to my extended family and forget about it. I wanted to be as secure as reasonably possible enough that I feel comfortable surfacing it.

Right now I surface Plex for the distant relations and tailscale jellyfin for my own, but it kills me I want Plex gone. But there are random TVs and kids on tablets, and honestly I don't want to be everyone's VPN endpoint or worry about onboarding everyone's new device.

[–] fmstrat@lemmy.nowsci.com 1 points 1 day ago (1 children)

Yea the catch was we were asking for TLS for a long time, and this was pre- Let's Encrypt, so those patching on their own didn't have a free (minus work) way to handle it. It took a releasable POC to get action.

All out devices just have a permanent Wireguard client since it uses basically no battery, and then a allow rules for households. If you don't want to run the client, and don't want to take the time to learn, you don't get access. But I totally get how that's not for everyone.

[–] rumba@lemmy.zip 1 points 22 hours ago (1 children)

Yeah, my problem is televisions.

If it was just tablets phones and desktops I could do SSL client certificates.

For my personal use I'm using tailscale and it's wonderful.

[–] fmstrat@lemmy.nowsci.com 1 points 22 hours ago

Ahhh. I put the wireguard client on the router, so it's more of a site to site setup for TVs.