Skip to content

Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

I suggest you...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

137 results found

  1. Goolge 2 factor authentication for Repait Kit page

    Implement Goolge 2 factor authentication for Repait Kit page t https://example.com:8443/repair

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  2. In domain logs allow select all function in order to copy to firewall rules

    This feature requests comes from having to manually copy and paste bad IP's from the domain log files. It would be a request that when you carried out a search for say POST /xmlrpc.php HTTP/1.0 or GET /wp-login.php HTTP/1.0 from brute force hacking or malware bots you can easily just select all, then paste this over to the block list in the Firewall rules.

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    This request only received 2 votes during 3 years. It did not become popular. It may also not be the best possible choice to block individual IPs like suggested as attackers frequently change IPs which will easily result in hundreds or thousands of blocked IPs in the firewall. That again will slow down network traffic. Instead we suggest to use Fail2Ban that comes with Plesk to automatically block attacker IPs. Fail2Ban has the capability to analyze log files automatically, to identify trouble sources and to ban these IPs for a pre-defined duration.

    -- PD

  3. logout email users and reset passwords without notifying all users

    firing an employee with access to a well established email account. Don't want to close the email account but want to lock out ex employee. Need to log out all users and reset password but when I reset the password I can't log everyone out and they all get the update....... not helpful

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  IgorG responded

    Upd: Sorry, we are closing the request as no information were provided for over a month.


    
IG

  4. Add the possibility to protect Plesk panel with Web Application Firewall (ModSecurity)

    Plesk should provide a way to secure the Plesk administration panel with the Web Application Firewall (ModSecurity).

    Currently, when Plesk is accessed via 8443, Apache is not handling any request. However, when Plesk is accessed via port 443, Nginx is working as a proxy.

    This setup should be changed, Apache should work as a proxy to be able to filter the HTTP request with ModSecurity, adding an additional security layer.

    5 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    We do not see how this feature could improve Plesk security. All Plesk panel functions are behind a login, and the login can effectively be protected with the existing Fail2Ban jail. Also, this request only received very few votes through many years. We must decline it.

    -- PD

  5. A feature that enables storing logs, complaint and non-complaint to GDPR in Windows.

    The idea is to have non-compliant GDPR logs so debugging can be done and compliant GDPR logs that don't contain IPs for example.

    4 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  6. independent passwords for database and user interface

    To allow Plesk to have an independent admin user password for database, which won't be the same as the graphical user interface.

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    This feature request has been reviewed. We came to the conclusion that currently there are no plans to update this part of the software. For specific requirements it is possible to add additional user(s) to the database that have privileges that allow full access to all or limited access to a specific instruction set. There are no limitations on this procedure so external access such as monitoring can be achieved by this simple workaround. Please consider this workaround if you require access to the database.

    -- PD

  7. fail2ban notification

    Make Fail2Ban send notifications when the server is under attack

    4 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  8. Change/adapt the rules for classifying a password?

    Example: Would be a bad idea but is it possible to change the ruling so the password "test" is classified as very strong?

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  9. Add function to block virus/trojan sender (Kaspersky KAV)

    Every day I get thousands of virus and trojan mails that are filtered by Kaspersky. But there is no possibility to block the senders of these mails.

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  10. План защиты

    1) Убрать вход в Plesk по ИП сервера!

    2) При входе, если меняется ИП клиента, то сделать проверку на e-mail, с любым кодом! Который указан у клиента.

    3) Дать возможность, менять порт :8443 в системе Plesk.

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    Спасибо за предложения, но, пожалуйста, создайте отдельный feature request для каждого предложения, и напишите их на английском языке, чтобы за них могли голосовать не только русскоязычные пользователи.
    Кроме того, пункт 3 уже существует. В последних версиях Плеск вообще можно не использовать этот порт.
    Этот запрос я закрываю, как неверно созданный.

    IG

  11. More of a suggestion this is a question... Why my web browser shows that Plesk website is not secure?... am I missing something?

    More of a suggestion this is a question... Why my web browser shows that Plesk website is not secure?... am I missing something?

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  12. provide two factor authentication for every login screen

    provide two factor authentication for every login screen

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  13. Add the option to forbid execution of files in Plesk for Windows

    In Plesk for Windows, add options to forbid executing .exe, .bat and other executable files in order to prevent starting of malicious scripts.
    It should be added to domain and server-wide levels.

    6 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  14. Manage all Firewall rules via Plesk GUI on Plesk for Windows

    Ability to manage all Firewall rules via Plesk GUI on Plesk for Windows

    4 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  15. Extend Fail2Ban rules for Wordpress xmlrpc.php

    Extend the Fail2Ban Rules for Wordpress xmlrpc.php, because of many bruteforce attacks on this.

    4 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  16. Individual Users should have access to setup their own Session Expiry Time on Plesk

    Since Hosting providers use plesk on Shared Environments where users are forced to use the same session expiry time shared on hosting server for all shared clients. If Plesk can provide the logged in shared user to set their own Session Expiry time then it would be superb.

    Regards,
    Mody

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  17. Filter POST and PUT requests, but keep GET available

    It is needed to block PUT and POST requests from specific country, but keep GET available. For example, I do not want China to send POST and PUT to my server, but they are free to send GET in order to receive website's content.

    4 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  18. Force root ssh login to "without-password", with GUI option to "enable root login with password for 10 minutes"

    Twofold:
    1) Create a scheduled process that reconfigures /etc/ssh/sshd_config
    -- if "PermitRootLogin" is enabled, change it to "without-password"

    2) Add an option in the GUI to allow ssh root login with password for 10 minutes, 30 minutes or 60 minutes

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

  19. Fail2Ban rules block IP's permanently

    Ip's not only temporary ban but directly permanent

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    declined  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    I suppose that this is more a feature request to the developers of fail2ban, but not Plesk. Because when restarting fail2ban service, it will lose all addresses, because fail2ban does not remember them, it just scans the logs at restart, so if there are no logs, then this permanent IP will be unbanned.
    It may be released with Plesk firewall, but not fail2ban.

    IG

  20. Free SSL / TLS Certificate (EV or OV Type) for Plesk Login

    In order to ensure secure login and administration even with Plesk, plesk itself should issue a free SSL / TLS certificate (EV or OV type) from Plesk.

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
2 4 5 6 7
  • Don't see your idea?

Feature Suggestions

Categories

Feedback and Knowledge Base

(thinking…)