Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
125 results found
-
Windows Fail2Ban
The new security option for plesk 12 is Fail2Ban, but it is only for Linux version.
There is an opensorce for windows.
http://www.digitalruby.com/securing-...icated-server/
I suggest to Parallels Team include this.
135 votes -
Support of SELinux
Attacks to web servers are in increasing. All modern Linux distribution come with SELinux. SELinux is a perfect way to avoid an attacker to get privileged access to the OS. Currently, Plesk is not supporting SELinux.
Support should be added. A policy should be provided to configure SELinux to support all PLESK relevant actions on the server.12 votes -
Fail2ban setting findtime per Jail
In Fail2ban (great idea to include it in plesk!) settings you can set "Time interval for detection of subsequent attacks" (findtime) in general. But it would be interesting this setting per Jail.
Why?
you could have 2 jail with same filter but different findtime. Example:
Jail 1) 5 failures in 600 seconds: 1800 seconds ban
Jail 2) 30 failures in 86400 seconds: 604800 seconds banThere are bots that detect if you have some protection fail2ban or similar and it will adapt, login attempt every 300 seconds for example. Jail 1 no detect this attack, but Jail 2 yes.
64 votes -
Create daily md5-hashes of the web-content of a domain, to quickly identify tampering or hacking.
Let Plesk on every night optionally create/compare md5-hashes from all files in the domains storage-space (web,httpdoc,ftp) and update this in a simple list (database), sortable by date of last change, size, number of changes. Indicating "changed files in the last xx days" to have a time-window to drill down.
In addition, accumulate all vhosts together into a seperate "Admin-View", where ALL domains are put together alphabetically.
Add an additional button "snapshot", so one could create a list of all webfiles on request. For example, when an incident has been cleaned, then click "snapshot" and then wait some time to see…
70 votes -
Naxsi - web application firewall for Nginx
Naxsi is an open source, high performance, low rules maintenance, Web Application Firewall module for Nginx
43 votesThank you for your input. We will review this nginx module to see if we should support it out of the box
- Don't see your idea?