How can I prevent just anyone from deleting files via Plex webpage?

  • Brand new OMV and Plex user here! I have successfully installed Plex to OMV (using Docker and Portainer), but I notice that if I go to the webpage interface for Plex (e.g. 192.168.1.250:32400/web/index.html) that I am able to right-click on movies and so forth and delete them from the NAS. As far as I can tell, anyone connected to my home network would be able to do this. Is there any way to prevent this functionality or at least require a password, etc. before removing files from the NAS? Thanks!


    FYI, my whole setup is OMV5 running on a RPi4B with a WD My Book 4TB External Hard Drive connected for data storage.

  • KM0201

    Approved the thread.
  • omv_tryer_outer

    Changed the title of the thread from “How can I prevent anyone from deleting files via Plex webpage?” to “How can I prevent just anyone from deleting files via Plex webpage?”.
  • In the volumes section of the container (I'm assuming you're using portainer), set your media folders to be read only (there is a button beside each share to do this). I believe that will do it.

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • If the Plex Admin user does not need the capability to delete media from within the Plex apps, then disable this feature.


    Don't give the Plex Admin credentials to other users. Create new users who will not have this feature available to them if it is enabled.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • In the volumes section of the container (I'm assuming you're using portainer), set your media folders to be read only (there is a button beside each share to do this). I believe that will do it.

    Just to update...I tried this, and it did exactly what I needed.


    Thanks again, everyone!

  • Yes, that will work. But if you ever do want to be able to delete media from within Plex, such as managing duplicate content, you won't be able to.


    Giving anyone other than yourself access to Plex using the Admin credentials is a bad idea. The solution you arrived at doesn't solve that problem. Those users might not be able to delete media from your filesystem, but they will be able to delete libraries from Plex and make other changes that you will surely not appreciate.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

    Edited once, last by gderf ().

  • You can also disable the "Allow media deletion" option in your Plex Server Library Settings

    Since only the Plex Admin user can delete media, disabling this setting is pointless if others have admin access - they can just reenable it at will. The correct way to solve this problem is to create unprivileged Plex users who have no access at all to the Plex settings section and no ability to delete anything.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • Since only the Plex Admin user can delete media, disabling this setting is pointless if others have admin access - they can just reenable it at will. The correct way to solve this problem is to create unprivileged Plex users who have no access at all to the Plex settings section and no ability to delete anything.

    I agree w/ this.... My guess is, the OP is worried bout "him" watching something and leaving himself logged in, and of course he has the ability to delete. You could take it a step further and say the admin movie should only be logged in when adjusting system settings, not watching movies (which should only be done by users)


    Although the dupe entries, they would be removed if you just did a rescan of your media wouldn't they, same if you add media (which I'm assuming he would probably just do via SMB). I know Kodi and Plex are very different, but when I had a roommate for a bit about 7yrs ago, I just created a user for Kodi on OMV, gave that user read only privileges on all shares, and then used it to log into my SMB shares on Kodi. The user could still scan the share, get metadata, etc... just couldn't delete media. If I deleted a movie (over nfs/smb or via command line),.. then I'd just do a rescan and then clean the database, and it would be removed.

    Air Conditioners are a lot like PC's... They work great until you open Windows.


  • Brand new OMV and Plex user here! I have successfully installed Plex to OMV (using Docker and Portainer), but I notice that if I go to the webpage interface for Plex (e.g. 192.168.1.250:32400/web/index.html) that I am able to right-click on movies and so forth and delete them from the NAS. As far as I can tell, anyone connected to my home network would be able to do this. Is there any way to prevent this functionality or at least require a password, etc. before removing files from the NAS? Thanks!


    FYI, my whole setup is OMV5 running on a RPi4B with a WD My Book 4TB External Hard Drive connected for data storage.

    do not connect to local IP eg: 192.168.1.250:32400/web/index.html) try to connect to https://plex.tv/web instead and login like a user not like a admin

  • You need to create a new managed user and PIN protect the Admin user's account.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!