Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

I suggest you ...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. 4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Implement client SSL certificates for authentication into mail

    There is an option in Outlook, mail.app and other clients "authenticate using certificate". HOwever Plesk does not allow to use this client based method of authentication.

    4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. sms verifying on login

    sms verifying on login

    4 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Enable SSH Key Generate via Plesk Control Panel

    With the SSH Manager inside Plesk Onyx, it is extremely easy to add a new key to a subscription. The problem is, most users don't understand how to generate a key with tools like PuTTYgen and explaining it to them leaves them very confused. It would be very handy if, inside the SSH manager there was a way to request a new key pair be generated and added to a subscription automatically, so users don't have to go through the hassle of generating a key.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. block bad bots by default

    There are many bots that can actually DoS a server using Plesk. Since there's no way to limit their connections they can overload a server really easily. Currently the only way to block them is by reading the logs and implementing blocks in nginx or .htaccess rules.

    It would be great if there could be some security by default. The community has created very comprehensive lists that could be used and auto updated / maintained by cron jobs.

    Here's an example for Apache

    https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/tree/master/Apache_2.4

    And here's for Nginx

    https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

    It could help mitigate attacks and vulnerability scans as well a…

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. 3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ability for Plesk administrator to disable Plesk customers to change their Plesk UI password

    Please add ability for Plesk administrator to disable Plesk customers to change their Plesk UI password.

    Message from customer:
    I am working on a separate account management panel and I want the customer to log in with the same password. Can I prevent the user changing the password in Plesk.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Enable Mail DKIM signing by default

    I suggest to add an option to Plesk Service Plans to enable DKIM signing when creating a new hosting package.

    Right now we have to manually enable DKIM signing for every new hosting account after creation.

    This should be inside a Service Plan under tab: Mail

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Make default Plesk Firewall rules more strict

    Right now "System policy for outgoing traffic" rule is set to allow all outgoing traffic as default which is not secure enough.

    Please consider to make default firewall rules for outgoing traffic more secure and allow only Plesk services to send outgoing packets

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. View certificate expiration dates for all domains

    Please add the functionality to view the summary of certificate expiration dates for all domains.

    This will help to monitor the situation and diagnose what is going on.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. New ModSecurity vendor (SecRemoteRules)

    ModSecurity 2.9.x and newer support SecRemoteRules directive, which allow download rules from remote server.

    This kind configuration is not now possible to ModSecurity Vendor list in Plesk GUI.

    Syntax: SecRemoteRules [optional crypto] key https://url
    Example: SecRemoteRules 12371283813.8712832abd https://rules.malware.expert/download.php?rules=generic

    We offer shared webhosting modsecurity rules: https://malware.expert/modsecurity-rules

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Import and export buttons to allow fail2ban Trusted IP or Banned IP Addresses

    Button that can import or export the Fail2ban Trusted or Banned IP lists. At the moment you can only add one by one.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Make PLESK compatible with "Microsoft Security Essential" for Windows servers

    Microsoft Security Essential is a free and powerful security software for windows server. I recommend make PLESK compatible with this software to have a powerful and simple security solution.

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. prevent users from changing permissions of files and folders to 777

    for safety should block permits chmod when apache runs fastcgi users plesk and users ftp

    3 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Filter POST and PUT requests, but keep GET available

    It is needed to block PUT and POST requests from specific country, but keep GET available. For example, I do not want China to send POST and PUT to my server, but they are free to send GET in order to receive website's content.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. deny access to .git folder by default

    I think it would be great if you could prevent access to .git folders that are usually left exposed by users in the server when building the vhost templates .

    It's very common that users forget to remove credentials and other sensitive information out of their repositories so by leaving the folder exposed it's possible for an attacker to gain access to this sensitive information.

    Currently we manually protect those folders when we spot them but it would be nice if this was implemented from the start.

    For example in nginx the following rule could be used.

    location ~ /\.git…

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. The possibility to manage Fail2Ban jails via CLI

    Currently, ip_ban utility does not allow to manage jails, for example, RECIDIVE jail.

    https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/6174932-fail2ban-setting-findtime-per-jail

    It is possible only via GUI

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. 2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Bind poppasd service to localhost only

    Currently poppassd listens on all IPs. Due to that an intruder can connect to the service via 106.
    Please implement binding of poppassd to localhost only.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Enable excluding folders on Protected Directories

    Right now it is not possible to use a protected domain on /, while using Let's Encrypt, as it also "protects" /.well-known.
    Please add a general function to add single un-protected directories.

    2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base