Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

I suggest you ...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support for HTTP Strict Transport Security / HSTS

    I'm wondering if Plesk also will implent HTTP Strict Transport (or HSTS) Security in the GUI. It's an extra layer of security for sites who need to be extra secure.

    It's being done with a special header (mod_headers for Apache) and a TLS connection. The client (browser) can then verify if the server is the real server and not a man-in-the-middle server/attack.

    It's as simple as adding the following code to the vhost config (HTTPS only!):

    Apache:
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

    Nginx:
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

    319 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      open discussion  ·  25 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
    • Assign separate SSL certificates for multiple mail servers

      Allow the ability to assign separate SSL certificates for multiple mail servers.

      38 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        13 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
      • Wildcard for Let´s Encrypt

        Let´s Encrypt already support wildcards, could you implement it to PLESK asap?

        13 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
        • Allow disabling of Let's Encrypt on a domain by domain basis

          Currently, when giving users the ability to access SSL to add their own certificates, they can also view Let's Encrypt and create free certificates. It would be useful to allow users access to add their own certificates without giving them access to use Let's Encrypt and there is currently no way to do this.

          Additionally, any users logging in to manage their domains can see Let's Encrypt (although cannot use it) and we keep getting asked about it, so it would be useful to hide this off for users unless they specifically need access.

          6 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
          • SSL Certificate changes should be reflected in Action Log

            SSL Certificate changes are currently not logged in Action Log in any way. Such changes should be logged as they are part of hosting settings.
            Yet, they should reflect the certificate details (e.g. "Certificate A was changed to certificate B").

            5 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
            • Allow certificate upload as .pfx container

              If you have a .pfx file containing Certificate, Private Key and CA certificate, allow to upload that container with one step.

              This way, a customer doesnt have to use tools like openssl to extract and convert the certificate themselves.

              .pfx is the preferred format on windows plattforms ,e.g. when you export a certificate from another IIS-based server.

              4 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
              • 2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  2 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                • Option to not select alias domains in Let's Encrypt by default

                  By default, the Let's Encrypt extension pre-selects all alias domains of a domain to be included in the Let's Encrypt certificate. This can lead to some unwanted results, for example when one of the alias domains is removed from the DNS at a later stage (because it was only used for testing) which would result in Let's Encrypt being unable to renew the certificate.

                  It would be nice if there was an option that allows us to configure that alias domains should _not_ be selected by default in the Let's Encrypt extension.

                  1 vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                  • I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.

                    I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.
                    For example
                    If example.com is another server, SSL certificate of www.example.com can not be acquired by Let's encrypt
                    I want you to be able to do it.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                    • Remove default certificate and set Let's Encrypt certificate as default when securing Plesk login page

                      When securing Plesk with Let's Encrypt, the default certificate should be removed and/or the generated Let's Encrypt certificate should be set as the default one.

                      Such Let's Encrypt certificate should be automatically applied to mail too, and in such case, if server hostname is changed later, that certificate should be automtically reissued, or at least a warning should be generated.

                      1 vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                      • Simplify adding a renewed ssl certificate (that uses the existing private key)

                        Currently, to install a manual certificate:

                        1. Copy private key, paste private key, update Cert and CA
                        2. Go to Web Settings, change certificate to new one

                        Proposed process:

                        1. Select "Add Certificate" option next to the certificate
                        2. Private key automatically reused (perhaps read-only or hidden by default)
                        3. Name, Insert/Upload Certificate and CA
                        4. Show a "Replace certificate" option, that will update the domains that used the original certificate.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                        • Don't see your idea?

                        Feedback and Knowledge Base