Plex has overhauled its apps from the ground up to make them easier to navigate. The teams says it will be able to roll out new features faster as well.
The way I do it with webservices is that I serve them all from virtual hosts. Scan my IP on port port 80? 301 moved permanently to same host port 443. 443? Welcome to nginx! Which webservice is actually served depends on the hostname being requested. The hostnames are just part of a wildcard subdomain with a matching wildcard certificate, so you can’t derive the hosts from the blank landing page’s cert. Though one option would be to disable https when no matching virtual host is found.
I know this isn’t protection against sophisticated attackers, but nobody uses my home services except me when I’m not home so the exposure is very limited.
Anyhow, with Plex you have a central provider who, if I’m not mistaken, knows a lot about how their customers use their product. The angle of attack is different.
The way I do it with webservices is that I serve them all from virtual hosts. Scan my IP on port port 80? 301 moved permanently to same host port 443. 443? Welcome to nginx! Which webservice is actually served depends on the hostname being requested. The hostnames are just part of a wildcard subdomain with a matching wildcard certificate, so you can’t derive the hosts from the blank landing page’s cert. Though one option would be to disable https when no matching virtual host is found.
I know this isn’t protection against sophisticated attackers, but nobody uses my home services except me when I’m not home so the exposure is very limited.
Anyhow, with Plex you have a central provider who, if I’m not mistaken, knows a lot about how their customers use their product. The angle of attack is different.