Plex Media Server prompts for firewall permissions on each launch, even though it's on the allowed list under Firewall in System Preferences.
The reason is that once started, Python will store bytecode versions of the Plex code as .pyc files within /Applications/Plex Media Server.app. This breaks Gatekeeper code signing, since the Application has been "tampered with" by adding files. That's what causes the repeated firewall prompts.
When first unpacked, and before first launch, the signature is fine:
$ codesign --verify --deep --verbose=1 /Applications/Plex\ Media\ Server.app/
/Applications/Plex Media Server.app/: valid on disk
/Applications/Plex Media Server.app/: satisfies its Designated Requirement
After first launch, the signature is no longer valid, because a bunch of .pyc files were generated by the Python runtime:
$ codesign --verify --deep --verbose=1 /Applications/Plex\ Media\ Server.app/
/Applications/Plex Media Server.app/: a sealed resource is missing or invalid
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/BeautifulSoup.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/cerealizer/__init__.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/__init__.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/cipher/__init__.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/cipher/base.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/cipher/cbc.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/cipher/rijndael.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Platforms/Shared/Libraries/crypto/common.pyc
... 140 more files listed ...
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Versions/2/Python/subsystem/propertyfix.pyc
file added: /Applications/Plex Media Server.app/Contents/Resources/Plug-ins-7efd046/Framework.bundle/Contents/Resources/Versions/2/Python/subsystem/weakreffix.pyc
It might be a good idea to disable the .pyc creation, but that of course has performance implications: http://stackoverflow.com/questions/154443/how-to-avoid-pyc-files