I thought this might find the right kind of technical audience here since I know our numbers include a fair number of self-hosters and admins of remote servers. This article is a detailed...
I thought this might find the right kind of technical audience here since I know our numbers include a fair number of self-hosters and admins of remote servers.
This article is a detailed technical tutorial (using NixOS, but all of these options can be set imperatively on any other distro too so it's a good general reference) which shows how to evade Plex's blanket ban on all networks associated with Hetzner data centers, but will no doubt also be useful when the next self-hosted-but-not-really company tries to do a similar rug-pull.
Is there a specific reason why you mention a paid service? Wireguard runs perfectly fine without paying for a third party service that might leak details about your privacy at some point.
Is there a specific reason why you mention a paid service? Wireguard runs perfectly fine without paying for a third party service that might leak details about your privacy at some point.
Setting up and managing a WireGuard server comes with enough complexity to warrant its own separate tutorial imo.
This can work with any WireGuard VPN provider (even with your own WireGuard server on another machine!) but for the sake of simplicity I have chosen to use Mullvad as the reference in this tutorial.
Setting up and managing a WireGuard server comes with enough complexity to warrant its own separate tutorial imo.
Well, then you'd need to run a server from your house for wireguard, which kinda defeats the whole purpose of cloud hosting your plex instance in the first place.
Well, then you'd need to run a server from your house for wireguard, which kinda defeats the whole purpose of cloud hosting your plex instance in the first place.
I'm out of the loop. Why would piracy be particularly bad on Hetzner? Do they have a policy or practice of not responding to IP reputation issues? I used to oversee network engineering for a large...
I'm out of the loop. Why would piracy be particularly bad on Hetzner? Do they have a policy or practice of not responding to IP reputation issues?
I used to oversee network engineering for a large entity, and worked to have infringing domains seized, servers taken down by hosts, etc, when we detected malicious activity. Blocking an entire host is a big step, so I'm curious what led up to it. Maybe Plex just threw up there hands due to the volume, I dunno. I will say, it can be a laborious process to go through these processes. But honestly, if I was seeing a huge amount of malicious activity from a host, and the host was also the registrar and wasn't being responsive, I'd submit the registration violation process, document the time stamps of my communication, and get the clock ticking. If the host continues to be nonresponsive, icann will seize/park the offending domains and can suspend the registrars ability to operate. If the registrar becomes responsive but rules against appropriate international agreements, you can start a separate arbitration with an accredited international entity.
Again, it's a lot of work, but personally it seems like with Hetzner being in the EU it would be a breeze compared to some countries I've had to deal with. Every EU complaint was dealt with before serious escalation when the registrar/host realized they were getting to the find out phase.
This is a neat tutorial. If you're on Arch instead of Nix, and using Mullvad, you can use the mullvad-vpn package. It'll set up systemd services and the like to force all connections through...
This is a neat tutorial. If you're on Arch instead of Nix, and using Mullvad, you can use the mullvad-vpn package. It'll set up systemd services and the like to force all connections through Mullvad for you.
I thought this might find the right kind of technical audience here since I know our numbers include a fair number of self-hosters and admins of remote servers.
This article is a detailed technical tutorial (using NixOS, but all of these options can be set imperatively on any other distro too so it's a good general reference) which shows how to evade Plex's blanket ban on all networks associated with Hetzner data centers, but will no doubt also be useful when the next self-hosted-but-not-really company tries to do a similar rug-pull.
Is there a specific reason why you mention a paid service? Wireguard runs perfectly fine without paying for a third party service that might leak details about your privacy at some point.
Setting up and managing a WireGuard server comes with enough complexity to warrant its own separate tutorial imo.
Well, then you'd need to run a server from your house for wireguard, which kinda defeats the whole purpose of cloud hosting your plex instance in the first place.
I'm out of the loop. Why would piracy be particularly bad on Hetzner? Do they have a policy or practice of not responding to IP reputation issues?
I used to oversee network engineering for a large entity, and worked to have infringing domains seized, servers taken down by hosts, etc, when we detected malicious activity. Blocking an entire host is a big step, so I'm curious what led up to it. Maybe Plex just threw up there hands due to the volume, I dunno. I will say, it can be a laborious process to go through these processes. But honestly, if I was seeing a huge amount of malicious activity from a host, and the host was also the registrar and wasn't being responsive, I'd submit the registration violation process, document the time stamps of my communication, and get the clock ticking. If the host continues to be nonresponsive, icann will seize/park the offending domains and can suspend the registrars ability to operate. If the registrar becomes responsive but rules against appropriate international agreements, you can start a separate arbitration with an accredited international entity.
Again, it's a lot of work, but personally it seems like with Hetzner being in the EU it would be a breeze compared to some countries I've had to deal with. Every EU complaint was dealt with before serious escalation when the registrar/host realized they were getting to the find out phase.
This is a neat tutorial. If you're on Arch instead of Nix, and using Mullvad, you can use the mullvad-vpn package. It'll set up systemd services and the like to force all connections through Mullvad for you.