Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Hi, i am missing a simple cloud server app for secure sharing data with Friends like a simple DropBox with Password protect

    Hi, i am missing a simple cloud server app for secure sharing data with Friends like a simple DropBox with Password protect

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Export locked IP addresses from Fail2ban to a text file

    Export locked IP addresses from Fail2ban to a text file
    upload it automatically to an FTP. So you can still use the IP addresses with other services.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add option to Whitelist IP in Fail2Ban and mod_security

    I always need to whitelist IPs in Firewall, Fail2Ban and mod_security.

    u could add at least an option to also whitelist fail2ban in mod_security or even make two checkboxes in Firewall whitelisting to whitelist ip in all three modules.

    also usage of dns instead of ip would be greate for example PayPal does recomment to whitelist dns for api!

    THX

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Force root ssh login to "without-password", with GUI option to "enable root login with password for 10 minutes"

    Twofold:
    1) Create a scheduled process that reconfigures /etc/ssh/sshd_config
    -- if "PermitRootLogin" is enabled, change it to "without-password"

    2) Add an option in the GUI to allow ssh root login with password for 10 minutes, 30 minutes or 60 minutes

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Let's encrypt wildcard for domain aliases

    Currently, when requesting a wildcard certificate for a domain with multiple domain aliases, only the main domain gets a wildcard.

    Let say you have a main domain domain.com and have 3 subdomains domain.fr, domain.co.jp and domain.eu.

    When requesting a wildcard certificate including all aliases, you'll get :

    domain.com
    *.domain.com
    domain.fr
    domain.co.jp
    domain.eu

    where it would be more logical and usefull to have :

    domain.com
    *.domain.com
    domain.fr
    *.domain.fr
    domain.co.jp
    *.domain.co.jp
    domain.eu
    *.domain.eu

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. add reseller management in Plesk Multi Server

    Currently it is not possible to create a user in a domain and subscriptions. Why is this feature hidden in a Plesk Multi Server model. This basic functionality for hosters.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Deny access to all dot files by default

    A lot of web applications that are either built or simply installed on a website use dot files and folders, whether those be .htaccess, .git, .env, etc.

    Generally speaking dot files and folders are used to store either sensitive files or backend configuration which you would never want users to be able to access.

    By default Apache has some protection built-in to restrict accessing dot files, but Nginx does not. This creates a potential security risk, for example I might install a web application or build one which has dot files in the public root, these most likely would be…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. pin

    I think a call in pin would be nice. Something that the user can change, but it is kept hidden unless they are logged in and click on it to see it. This will allow for end users to request help securely.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Description field for IP restrictions

    Here is my idea : add a description field for IP administration restriction access

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. control-panel-access - add ddns support

    Please add DDNS Support for "control-panel-access" (Limit Admin Login) - Would be very helpful to restrict Admin Logins if no static IP Address is available ...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Let pci_compliance_resolver --enable postfix also set FORWARD SECURITY and go dor TLSv1.3

    Even though server supports TLS 1.2, the cipher suite configuration is suboptimal. It is recommend to configure the server so that the cipher suites providing forward secrecy (ECDHE or DHE in the name, in this order of preference) and authenticated encryption (GCM or CHACHA20 in the name) are at the top. The server must also be configured to select the best-available suite!

    also there is TLSv3 https://tools.ietf.org/html/rfc8446
    (and draft is used already a long time by many;)

    http://www.postfix.org/TLS_README.html

    And while Playing on Mailserver think about MTA Strict Transport Security (Draft standard) and Email DANE / TLSA.

    THX

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Entered Password field

    Show when a password field has a previously entered password. (as dots)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. easy htacces

    Edit htaccess only once, and use it where needed

    OR

    Split htacces into 3 sections, then use 'em where needed:
    - allow-deny
    - bad bots
    - other functions (redirect, passwords, etc)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Whitelist rkhunter warnings caused by Plesk

    rkhunter security scan will always show security warnings caused by Plesk, as per https://support.plesk.com/hc/en-us/articles/115001160954-What-Watchdog-warnings-may-be-safely-ignored

    You should whitelist these warnings by default.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. add support for ufw firewall extension to iptables

    As it is hard to configure iptables, the current solution for setting up firewall rules out of plesk is awkward - understood. But wouldn't it be easy to add support for ubuntus ufw and similar handlers (like fail2ban), iptables forwards packets to? You could simply save and restore the corresponding ufw rules in iptables (as you do with other rules) and add an option to activate ufw (and similar if available on the system) on the firewall setting page. This immediately solves the requests for outside configurable firewall rules as in blocking malicious misbehavin attackers out of a script run…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. google two factor authentication for password protected directories

    google two factor authentication for password protected directories

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Temporarily show an inputted password in web-form to check caps-lock and language

    It would be great if Plesk allowed the option of being able to see the password. Many sites offer this capability now to ensure the administrator has not typed in the wrong password when logging in

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Custom Blocklist.

    Is it possible to add a rule with downloadable html list of bad IP addresses from a central webserver for multiple plesk installations

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base