Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
128 results found
-
Expand 2FA options: Yubikey, WebAuthn (FIDO, FIDO2, U2F), also HOTP counter-code for existing Google Authenticator
Add two-factor-auth for YubiKey.
233 votesThank you for your input. We will explore the possibility of implementing YubiKey in upcoming releases.
-
chacha20_poly1305 QUIC
Plesk need to Support chacha20_poly1305 or QUIC better both
It's faster than the normal https Socket and more Secure, QUIC can used in https also http and safer as SPDY15 votes -
Maldet for linux inside Plesk
Hello,
is better if such as "wordpress toolkit" you implement this software in plesk https://www.rfxn.com/projects/linux-malware-detect/ + ClamAV (is more faster the maildect search).
With this way, anyone can scan our website from malware. And after scan, the user need to have an notify via email or directly into plesk. This inscrease the security of website and also increase the plesk security.
I use it somethimes for scan all website into our web hosting, and I found it very usefull for prevent serius problem of botnet, hacked website etc.
I hope that you can consider to implement this function.
Regards
124 votes -
Windows Fail2Ban
The new security option for plesk 12 is Fail2Ban, but it is only for Linux version.
There is an opensorce for windows.
http://www.digitalruby.com/securing-...icated-server/
I suggest to Parallels Team include this.
133 votes -
Support of SELinux
Attacks to web servers are in increasing. All modern Linux distribution come with SELinux. SELinux is a perfect way to avoid an attacker to get privileged access to the OS. Currently, Plesk is not supporting SELinux.
Support should be added. A policy should be provided to configure SELinux to support all PLESK relevant actions on the server.12 votes -
Fail2ban setting findtime per Jail
In Fail2ban (great idea to include it in plesk!) settings you can set "Time interval for detection of subsequent attacks" (findtime) in general. But it would be interesting this setting per Jail.
Why?
you could have 2 jail with same filter but different findtime. Example:
Jail 1) 5 failures in 600 seconds: 1800 seconds ban
Jail 2) 30 failures in 86400 seconds: 604800 seconds banThere are bots that detect if you have some protection fail2ban or similar and it will adapt, login attempt every 300 seconds for example. Jail 1 no detect this attack, but Jail 2 yes.
64 votes -
Create daily md5-hashes of the web-content of a domain, to quickly identify tampering or hacking.
Let Plesk on every night optionally create/compare md5-hashes from all files in the domains storage-space (web,httpdoc,ftp) and update this in a simple list (database), sortable by date of last change, size, number of changes. Indicating "changed files in the last xx days" to have a time-window to drill down.
In addition, accumulate all vhosts together into a seperate "Admin-View", where ALL domains are put together alphabetically.
Add an additional button "snapshot", so one could create a list of all webfiles on request. For example, when an incident has been cleaned, then click "snapshot" and then wait some time to see…
70 votes -
Naxsi - web application firewall for Nginx
Naxsi is an open source, high performance, low rules maintenance, Web Application Firewall module for Nginx
43 votesThank you for your input. We will review this nginx module to see if we should support it out of the box
- Don't see your idea?