With a fresh install of Plex you can still connect to it remotely…with no ports open. It will use Plex’s relay service to make the connection. That has limited bandwidth so it’s rarely anybody’s long term choice but it works right out of the box.

If you do choose to open a port then Plex partnered with Let’s Encrypt and Digicert to setup and maintain all the certs for you. So at least your connections are encrypted provided you use one of the many apps that support secure connections.

Is that the most secure way to run Plex? No. But it’s a couple steps in the right direction for basically zero effort on the server admin and users part.

You might not like the centralized auth of Plex but I don’t have to manage user accounts/passwords for people and deal with distributing them. Just send an invite to their email, they set it all up, and I never need to know about it. They forgot a password?…I never need to know about it.

Sharing it with people outside your house. Added hardships if behind CGNAT.

I’ll edit this…sharing it securely outside of your house. Just port forwarding to the box and saying have at it isn’t really a great idea.

If you have the Pro or Enterprise variant of Win11 you can delay feature releases for a year. Makes it way more stable. Here is a link. The anchoring might be off a bit(it was for me). I had to scroll down a bit further. You still get security releases, it’s just all the ‘features’ that get delayed so you can figure out how to work around them.

They’ll always wait for me to respond before telling me whatever issue they’re having….Just out with it in the first message.