@hovnetworks happy to help.. Yeah you would think for example that plex and uptime and statuscake IPs would all be in the us so wouldn't need those - but some of the IPs are outside the US when checking.. So its best to be specific.
Generally speaking port forwards are less secure for sure than say a vpn. But if you can lock down who can access it, it can be very secure.. In a scenario where you know the IP or even a small netblock of where the remotes are going to be coming from.. Limiting your port forward to that IP or IPs is pretty secure..
When I first started sharing plex, I was going to limit it to my specific users IP.. But you ask a user for their IP and most of the time its a deer in headlight look you get back. And then their IP changes, or they are trying to watch via their phone while they are out and about.. So did the next best thing and just locked it down to country where they would be coming from, etc.
I had a buddy travel to Ireland a few weeks back - so I opened up for him, and he did watch some stuff while he was there ;) And then when he got back I removed those IPs from the alias.