Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Security: Mail TLS-enforcement for specific target domains

    Recently, larger companies have been requiring their customers to enforce TLS for e-mail traffic.

    The mail system must therefore enforce TLS on certain target domains. The customer must be able to define this himself and it is important that this is not defined globally and is only activated for the sender domain of this customer and not for all domains on the host.

    Google already offers this in Gmail/Gsuite:
    https://support.google.com/a/answer/2520500?hl=en

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable OCSP stapling ans HSTS for Plesk panel

    OSCP stapling and HSTS can now be enabled for domains using SSL It! estension.
    However these settings cannot be enabled while securing Plesk panel.
    So it will be really appreciated if such functionality is included in future Plesk updates.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add exceptions to automatic 301 redirects to https

    Automatic renewal of Let's encrypt certificates does not work when automatic redirects to https are enabled.

    It seems that Let's encrypt needs do excess the .well-known directory over http and fails if it receives a 301 redirect. It would be helpfull if the redirect could be specifically disabled for certain directories.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Social Login SSO - Microsoft O365 Support

    Support Microsoft O365 for the Social Login extension for single-sign-on (SSO).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add the option to forbid execution of files in Plesk for Windows

    In Plesk for Windows, add options to forbid executing .exe, .bat and other executable files in order to prevent starting of malicious scripts.
    It should be added to domain and server-wide levels.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Filter POST and PUT requests, but keep GET available

    It is needed to block PUT and POST requests from specific country, but keep GET available. For example, I do not want China to send POST and PUT to my server, but they are free to send GET in order to receive website's content.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. The possibility to manage Fail2Ban jails via CLI

    Currently, ip_ban utility does not allow to manage jails, for example, RECIDIVE jail.

    https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/6174932-fail2ban-setting-findtime-per-jail

    It is possible only via GUI

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Bind poppasd service to localhost only

    Currently poppassd listens on all IPs. Due to that an intruder can connect to the service via 106.
    Please implement binding of poppassd to localhost only.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Enable excluding folders on Protected Directories

    Right now it is not possible to use a protected domain on /, while using Let's Encrypt, as it also "protects" /.well-known.
    Please add a general function to add single un-protected directories.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Anonymize IP in logs instead of disabling them completely

    It would be great to have an option to anonymize IP addresses, not to disable it completely to get rid of issues with statistics displaying. For example as it is for Plesk on Linux.

    Currently, Plesk for Windows has an option to completely disable IP addresses logging In Tools & Settings > Server Settings which affects web statistics.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Remove the certificate for securing mail from Plesk

    There is no option to remove Certificate for securing mail via Plesk UI, the only option is to switch it to another.

    Please add feature to unassign the certificate.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. add permission to disable "certificate selection"

    Add permission to disable "for certificate selection"

    Use case: if "hosting management" permission is disabled in Subscription > Customize > Permissions > Hosting management - uncheck, an additional Plesk user still able to select SSL certificate in "hosting settings" of domain. User can set certificate to none and thus violate website security.

    Add option in Permissions to forbid certificate selection by user to prevent such cases.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Security Policy per subscription

    To be able to set specific security policy per subscription instead of server-wide.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Change the "secure settings preset"

    In the "Hosting Settings" menu, if the «Security» sub-menu, there is a link «If you want the provided hosting to be the most secure, apply secure settings preset.»

    When we click on "apply secure settings preset" PHP version is changed and some options on the same page are also changed.

    Where can we define the PHP version to be selected by this setting ?

    We should be allowed to change these settings in the GUI.

    Thank you

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. ProFTPd with ClamAV support (mod_clamav)

    Compile ProFTPd daemon with mod_clamav support, that FTP uploaded files can be scanned with malware.

    cPanel & DirectAdmin support this:

    https://github.com/jbenden/mod_clamav

    and External Signatures with ClamAV:

    https://malware.expert/signatures/

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Set right ciphers by default on Windows

    There is a documentation how to do it manually: https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/pci-dss-compliance/tune-plesk-to-meet-pci-dss-on-windows.78901/

    but there is no tool to do it automatically (and by default during the installation).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    AFAIU, the request is about right ciphers for SSL configuration. We have a documentation how to do it manually: https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/pci-dss-compliance/tune-plesk-to-meet-pci-dss-on-windows.78901/ but have no tool to do it automatically, so, this is a valid request, we’ll look into it.

    There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!

    — rk

  19. I would like to ban an IP address from the log view of a domain.

    It would be nice if while examining the web logs from the user or admin control panel, that you could block an IP. Possibly write an entry to the htaccess file.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make Plesk more robust when concurrent operations were made

    In many cases, iftwo admins are doing operations on the Plesk GUI at the same time, issues arises.

    For example, if you switch the IP for outgoing mail while you're restoring a domain backup, such domain will change their IP automatically to a wrong one, and the whole domain stops working.

    For your reference, see my ticket #2043269

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base