This article shows the method of securing Plex with Cloudflare tunnel. Bobcares, as a part of our Server Management Services, offers solutions to every query that comes our way.
Securing Plex With Cloudflare Tunnel
Installing a client and configuring it to create a secure connection with the upstream proxy are the prerequisites for a tunnel to operate on the server. Anyone with the address can still access our Plex login page even though tunnels are great for getting the origin on the public internet without breaching the firewall or forwarding ports on the router.
The following steps configure Cloudflare access to restrict access to our Plex to only us. For everyone else, a Cloudflare “access denied” page will be displayed.
- Free Cloudflare Zero Trust Account Creation
- Tunnel Setup
- Route Creation For Tunnel
- Cloudflare Access Application Creation
Free Cloudflare Zero Trust Account Creation
Firstly, create a free account by going to Cloudflare Zero Trust.
Tunnel Setup
The cloudflared Installation
# Install cloudflared brew install cloudflare/cloudflare/cloudflared cloudflared tunnel login # this will open a browser for you to log in.
The cloudflared Configuration
# Ensure the config directory exists
mkdir -p ~/.cloudflared
# Create a new tunnel. Be sure to save the output of this
# command as it contains the Tunnel UUID needed in the next steps.
cloudflared tunnel create plex
TUNNEL_UUID=<tunnelUUID>
cat << EOF >~/.cloudflared/config.yaml
tunnel: ${TUNNEL_UUID}
credentials-file: /Users/${USER}/.cloudflared/${TUNNEL_UUID}.json
ingress:
- hostname: plex.example.com
service: http://localhost:32400
- service: http_status:404
EOF
# Install the service to run at login
cloudflared service install
Route Creation For Tunnel
We can use the below code to attach the tunnel to the provided hostname:
cloudflared tunnel route plex plex.example.com
Cloudflare Access Application Creation
Finally, create an app from the Zero Trust Dash to guarantee that nobody else can access our Plex origin server.
1. Choose Access >> Applications on the left-hand navigation and select “Add an Application”.
2. Then pick “Self-hosted” as the option.
3. Click “Next” after entering the needed details in the space provided.
4. Keep “Allow” as the rule action and type in a policy name before scrolling down to the “Create additional rules” section.
5. Pick “Email” from the dropdown menu, then type the email address into the box on the right.
6. Click “Add application” after selecting “Next” once again. The app should then appear in the dashboard after that.
Finally, go to the route we set up for the tunnel and enter the email we used to create the app policy. A code will then appear in the email. We will be taken directly to the Plex server after entering that code.
[Need help with another issue? We’re available 24/7.]
Conclusion
The article provides a simple method to secure the Plex server using the Cloudflare tunnel. Keeping the entire stack secure, not just Plex is made possible by combining Cloudflare Tunnels and Cloudflare Access.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
How would this work when using Plex on Roku or Google Chrome?
Hey,
Cloudflare Tunnel might work with Plex on Roku/Chrome, but:
TOS violation: Free tier likely violates Cloudflare’s terms.
Performance: Tunneling can introduce lag.
Alternatives: Consider port forwarding or Plex’s official remote access.