Plex is starting to enforce its new rules, which prevent users from remotely accessing a personal media server without a subscription fee.
If anyone needs it: https://jellyfin.org/
To anyone saying they’re happy since they already have a lifetime Plex pass, do you really think they won’t come for you too?
Why would anyone use Plex over jellyfin anyway? The writing was on the wall years ago.
I set up Plex on my mum’s TV and she can just push play. The UI is intuitive (read: familiar) to her.
Jellyfin has a reputation for giving users more control and customizability, but the other side of that coin is that it’s more “fiddly”.
My users don’t want to fiddle.
That’s the opposite of my experience. Jellyfin just works and immediately exposes the content we’re looking for, plex tries overloading you with bullshit and burying your actual content
For remote streaming to, say, your mum’s house? (Or a friend, etc)?
Yes, after I set up the server properly (reverse proxy). With this change the same setup on the server side is necessary for remote streaming with free Plex.
My mum puts in the domain, username and password and starts streaming.
…reverse proxy…
Guess what I didn’t have to setup with Plex or Emby.
That’s because you had somone elses servers doing that part for you.
Good.
Using jellyfin on Chromecast. For the past 3 weeks I’m stuck not being able to use it because some update broke subtitles support for external players. App became useless, I can’t downgrade it, and the bug is still not fixed.
Not going to use Plex, just my 2 cents.
I haven’t had any problems with subtitles. You mind linking the issue report you’re referring to?
Plex still has the most fully-featured music streaming app (Plexamp)
Also Audiobook apps don’t really exist for Jellyfin.
Yes. There’s AudioBookShelf for audio books.
Or Plex, plenty of apps for audiobookshelf
Because I don’t have to learn about things like proxies to try and open the service up outside my network in a secure manner or try to explain to family they need to run tailscale at the same time and then inevitably have to provide tech support for another aspect of “why is this not working?”
I just check allow remote access and it just works and I can go about my day doing things I enjoy more because fucking about with Linux and providing tech support are pretty low on that list for me :)
Sounds like a skill issue.
Typical condescending reply that I expect, yes it is a “skill issue” and I don’t really give a fuck. We don’t all have the same skills or the same levels of interest in acquiring those skills, some of us just want a solution that works easily for their skill level.
It is your kind of attitude as well that puts more people off learning these things because without a real interest in learning these things those kinds of hostilities just put people off of wanting to participate in those circles.
Quick question, do you know how to wipe your own ass?
Do you know how to rebuild your car’s engine?
Do you know how to remediate black mold spreading on the walls of a houseboat?
Do you know how to compile Linux to run on some custom arm hardware?
Do you know how to repair or rebuild a crumbling stone retaining wall?
There’s a good chance you may not know how to accomplish all of those tasks. There’s also a very good chance you may not care about knowing how to accomplish all of those tasks, as some of them may not be relevant to you. This is ok.
Finally, I know you’re posting on the Internet, but you don’t have to be an asshole, that’s a choice.
Should I begin telling you about the wonderful man in the middle attack that I reported to Plex over 3 years ago and how it’s still not fixed? Anyone can setup a plex instance and use that very instance to request an ssl certificate on behalf of any other plex instance, and then setup shop and gain complete access to your machine.
Do you have a CVE for this?
You’re going to need to back up your claim otherwise you might as well be lying as there’s no CVE like this I can find nor any public disclosure.
Plex have a bug bounty program and a responsive security team too.
Post your security report.
Jellyfin is notoriously full of security holes. It’s recommended to not expose it to the Internet. It’s also easy easier on Plex, at least until this bullshit, to have a random non-techie family member sign in to your Plex server from anywhere. I never liked Plex and never got into it, but I see why people used to prefer it.
I think Emby is a good middle ground for people looking to jump ship from Plex. But I switched to jellyfin from my lifetime Emby sub because the plug-in community there feels dead and Emby development felt dead in the water.
Please do explain or link sources to what you think are “security holes”.
It has several unsecured endpoints.
https://github.com/jellyfin/jellyfin/issues/5415
If you read the comments the devs know it’s a serious issue but don’t want to break backwards compatibility fixing them. Their solution for now is to warn people of the risks of exposing their instance to the Web. Which I don’t think they’re doing a great job of.
Aside from most of those being “potential issues”, which weren’t proven, the rest are GETs of things that do not need to be secret, things like album art and list of installed plugins. Besides the one plugin issue, which was an actual security issue, which was fixed over a year and a half ago. https://github.com/jellyfin/jellyfin/pull/11436
Contrast that with Plex which has numerous high severity CVEs that include things like remote code execution, directory traversal, and more.
And you think if Jellyfin were a comparable size, there wouldn’t be just as many or more?
No… because more people would be working on it.
list of installed plugins.
Yeah, as you said, that’s a pretty serious security issue. That’s a data leak that explicitly lays out the shape of your attack surface. It tells the attacker exactly what additional software your server is running and if any of it includes known vulnerabilities, the attacker now knows how to gain access.
That only works if the plugins are somehow accessible through an api controller, which as far as I’m aware, is not how jellyfin plugins work. So no, it wouldn’t increase your attack surface at all.
You’re aware those CVEs are only relevant for ancient versions of Plex and were fixed long ago?
They are not marked as resolved.
Skip intro on Apple TV not working on Jellyfin is probably the #1 reason I do not use it.
When tvOS 26.2 comes out I will tentatively test Jellyfin + Infuse, but until then, Jellyfin is a non-starter for me.
But I use Emby over Plex so still not using Plex.
(looks up from his floaty chair in his Jellyfin pool while sipping his fruity bittorrent cocktail) C’MON IN FOLKS THE WATER’S FINE!
(sits in his Lamborghini Plex while a beautiful blonde gives him a handy) I’m fine, mate. Maybe later.
(GreenKnight23’s Internet goes out) (Lambo stalls and blonde turns into Steve Ballmer screaming DEVELOPERS)
Imagine hosting a software on your own hardware and still choosing the one that makes you dependent on the whims of a corporation lmao
When I first set up my server this year it was a VERY easy decision between this and jellyfin. Why would I ever go with the corporate, closed source option?
In my case, I was not able to make jellyfin work: transcoding issues, lagging, client disconnection or unresponsive… Plex worked flawlessly out of the box with the same hardware and the same library.
From time to time I try Jellyfin again, but things never change …
Jellyfin users, how is the transcoding situation? I have a mix of AV1 and H265 and I need to get smooth playback to my living room Apple TV for families’ sake.
Infuse player with jellyfin or direct nfs/samba if in same network
Infuse is not free. I love it and use it on my Apple Devices, but just wanted to have this as an FYI.
I’m moving to jellyfin because of my customzation obsession after using Plex for YEARS (bought lifetime as a kid in college), but I’m still going to donate to the Jellyfin team if I love the software they made. I’m so new to self hosting and it’s awesome how much free stuff is out there, but how do they maintain it for free?
Is the argument that we shouldn’t have to pay money to use software or that Plex / software is changing things after taking money? This is the one area that confuses me the most. Free as a selling point but like, are we just not supposed to send money or am I dumb for doing so?
