Plex Secure connections issues with DNS Rebinding. (Possible Fix!)

deathbybandaid · December 18, 2018, 12:04am

I recently had issues with my android phone having issues casting to the chromecast from my plex server.

After some reading, I discovered a dnsmasq tweak that may resolve the issue for some of you.

DNSMASQ

To allow secure connections to work correctly on the local network if you are using “dnsmasq” with DNS rebinding protection enabled, you will need to add the following line to your configuration file (the “advanced settings” box in DD-WRT):

rebind-domain-ok=/plex.direct/

Your milage may vary....

mrdrew · October 6, 2022, 7:38pm

My darn router (Orbi 750) doesn't have DNS Rebind options in it. I'm using the Pi-Hole DHCP server. Is DNS Rebinding something I do in the pihole server? Or specifically on the router? Router is still gateway.

korhant · October 6, 2022, 8:12pm

if you run pihole on a raspberry pi (like i do) you can create a .conf text file under the folder /etc/dnsmasq.d with a unique name (i.e. 99-plex.conf)
the .conf file should have one line
rebind-domain-ok=/plex.direct/
save the file then restart pihole with "pihole restartdns" command

Bucking_Horn · October 6, 2022, 8:39pm

Please note:
This topic originally describes an approach to define an exemption for DNS rebind protection for specific plex domains within the context of a router!

That would only be necessary if your Pi-hole's upstream DNS servers would return private IP addresses.

There are circumstances when that could be expected to happen, e.g. if you were running other local DNS servers (like an AD DNS server) in your network.
In a typical home network, that wouldn't commonly be the case.

I notice that you are asking for advice on a potential solution when you haven't disclosed your actual issue yet.
Are you sure that DNS rebind protection is causing your observation?

mrdrew · October 6, 2022, 9:10pm

You are exactly right!

I'm not able to download for offline viewing. They fail every time.

Now that I'm thinking about it: I'm not sure where to look for the issue, except that it seems to be a Rebinding issue from what I can Google-fu. I did make a post here:

Bucking_Horn · October 6, 2022, 9:51pm

To keep things focused, we should continue in that topic.

bombz88 · December 22, 2023, 1:55pm

Following up on this post for anyone currently experiencing concerns with local playback with plex.

This example is when using a pihole on the local network:

SSH into your pihole
nav to /etc/dnsmasq.d/
open your 'custom'.conf
add the following line

rebind-domain-ok=/plex.direct/

save your config
reboot pihole

This should resolve the concern with the 'insecure connection prompt' when playing plex on the LAN to a local device (chromecast, firestick, etc.)

bombz88 · December 29, 2023, 8:30pm

Hello,
I attempted this and thought it worked, and confirmed today that I still cannot make a secure connection to the PLEX server via chromecast, i have been bonking my head attempting to figure out this concern.

Any more suggestions would be appreciated.