1. Home
  2. Knowledge Base
  3. Applications
  4. Plex
  5. Setting up CloudFlare and Plex CDN

Prerequisites

Please follow this instruction on how to setup CloudFlare as your domain handler: https://support.cloudflare.com/hc/en-us/articles/201720164-Step-2-Create-a-Cloudflare-account-and-add-a-website

LetsEncrypt installed and configured with QuickBox Pro is also a must.

Please see this article: https://quickbox.io/knowledge-base/how-to-install-lets-encrypt/

 

NGINX Settings

SSH to your server and create a .conf file for your NGINX proxy
sudo su -
touch /etc/nginx/sites-enabled/plex.domain.conf
nano /etc/nginx/sites-enabled/plex.domain.conf
Copy and paste the below code. Make sure to edit DOMAIN.COM and replace it with your configured domain, in line 5, 14 and 15!
server {
    listen 80;
    listen 443;

    server_name plex.DOMAIN.COM;

    rewrite     https://$host$request_uri?  permanent;

    error_log   /var/log/nginx/plex_error.log    error;
    access_log  /var/log/nginx/plex_access.log   combined;

    #ssl on;
    # These are the paths to your generated Let's Encrypt SSL certificates.
    ssl_certificate     /etc/nginx/ssl/DOMAIN.COM/DOMAIN.COM-fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/DOMAIN.COM/DOMAIN.COM-privkey.pem;
    # To generate your dhparam.pem file, run "openssl dhparam -out /etc/nginx/dhparam.pem 2048" (without the quotes) in your terminal.
    ssl_dhparam         /etc/nginx/ssl/dhparam.pem;

    #Resovler set to CloudFlare. Timeout and nameservers may need to be adjusted for your location
    resolver 1.1.1.1 1.0.0.1 valid=300s;
    resolver_timeout 10s;

    #Plex has A LOT of javascript, xml and html. This helps a lot, but if it causes playback issues with devices turn it off. (Haven't encountered any yet)
    gzip on;
    gzip_vary on;
    gzip_min_length 1000;
    gzip_proxied any;
    gzip_types text/plain text/css text/xml application/xml text/javascript application/x-javascript image/svg+xml;
    gzip_disable "MSIE [1-6]\.";

    location / {
        # IP address of Plex Media Server
        proxy_pass          http://127.0.0.1:32400;
        proxy_buffering     off;
        proxy_redirect      off;
        proxy_http_version  1.1;
        proxy_set_header    X-Real-IP       $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header    Upgrade         $http_upgrade;
        proxy_set_header    Connection      $http_connection;
        proxy_cookie_path   /web/           /;
        access_log          off;
    }
}
Press ctrl+x and Y to save and exit. Ensure that nginx reflects the changes by issuing a restart with service nginx restart. If not already present run and let it generate the dhparam.pem file
openssl dhparam -out /etc/nginx/dhparam.pem 2048
 

Failure to configure CloudFlare correctly will result in page loading errors.

In no circumstance do we want CloudFlare to cache any of the data Plex plays. This will result in your account getting terminated


 

DNS Setup

Assuming you already completed the initial setup of CloudFlare and LetsEncrypt is installed and running on your server, following records should be there as a minimum
  • A-record for your domain.com pointing to server IP
  • Use CNAME for the subdomain (plex.domain.com) pointing to domain.com (@ will also work)
  • A-record for you subdomain if you are using that (sub.domain.com)
NOTE: “Orange cloud” means your domain is behind CloudFlare proxy. You will no longer be able to SSH using your domain name. Instead use IP

Type

Name

Value

TTL

Status

A

mydomain.com

123.123.123.123

Automatic

CNAME

plex

@

Automatic

Wildcard will not work for free accounts

 

CloudFlare Settings

SSL/TLS

 

Setting Name

Value

SSL

Full

Edge Certificates

Always Use HTTPS

HTTP Strict Transport Security (HSTS)

Include Subdomains: On, Preload: On

Minimum TLS Version

TLS 1.2

Opportunistic Encryption

TLS 1.3

Automatic HTTPS Rewrites

Disable Universal SSL

Keep Universal SSL On

 

 

Caching

Setting Name

Value

Caching Level

Standard

Browser Cache Expiration

CSAM Scanning Tool

Always Online

Development Mode

   

Page Rules

Very important! Missing Page Rule settings will result in your CloudFlare account getting closed!

Create a rule and add the additional settings

  • https://*.domian.com./*

Setting Name

Value

SSL

FULL

Cache Level

Bypass

Automatic HTTPS Rewrites

 

Network

Setting Name

Value

HTTP/2

HTTP/3 (with QUIC)

0-RTT Connection Resumption

IPv6 Compatibility

WebSockets

Onion Routing

Pseudo IPv4

IP Geolocation

Maximum Upload Size

 

 

Cloudflare as Content Delivery Network (CDN) for Plex

Plex Settings

  • Go to app.plex.tv > Settings > Network (Show Advanced settings)

Plex Network Setting

Value

Treat WAN IP As LAN Bandwidth

Checked

Custom server access URLs

https://plex.mydomain.com:443


It is important that you make sure https:// and :443 is included!


 

Plex Remote access

Disable “Remote Access”, Everything will still connect, including all the apps.

Remote Access will show as “red”. Learn to ignore this. Everything will still connect provided the above steps were followed    

Flushing Cache

Once you have applied these changes, make sure you clear your browser cache and purge the CloudFlare cache!

   

Bandwidth Usage control

When setup have been running for a while pay attention to the Analytics tab in CloudFlare.All data should be listed as Uncached Bandwith

 

Was this article helpful?

Related Articles

Guidelines

Please add bugs found in QuickBox Pro using this template:

Bug Report
Select Bug Report as the issue template

Please add feature requests for application inclusion in QuickBox Pro using this template:

Application Feature Request
Select Application Feature Request as the issue template

Please add feature requests for general QuickBox Pro using this template:

Select General Feature Request as the issue template
Select General Feature Request as the issue template

Viewing issues as well as feature requests does not require an account.

You will need to create an account on our Lab in order to post both Issues as well as Feature Requests.
You can register an account here if you do not already have one.

We look forward to your reports as well as your ideas and suggestions for ongoing developments to the QuickBox Pro software!

The QuickBox Pro Community Appreciation Day Event Sale is in full effect.
Get your savings on!
00
Days
00
Hours
00
Minutes
00
Seconds