Add a possibility to specify Temporary directory for ASP applications outside of the subscription root.

Please develop a "Two-factor verification" option using email and google authentication app or mobile to log in to Plesk for additional security against cyber attacks.

In the UI, at Tools & Settings > Update Settings, it is possible to set a notification to be sent when updates are available or were installed.

In the UI, it is possible to set the notification to be sent either daily or weekly. However, the corresponding CLI option plesk bin notification --update -code adminpumupdates has no option to set the notification frequency. Please add an option to set it via CLI as well.

Help admins and customers to create a security.txt file when creating a site in Plesk Panel, see https://securitytxt.org/
No details yet.

At the moment it is not possible to use the Comodo ruleset with ModSecurity 3.0(Nginx).

Due to this xmlrpc.php brute force for WordPress is not protected, which is allowing Plesk server to be vulnerable to xmrlpc.php attacks

It is required to customize temporary domain names generated by Plesk from subdomain.203.0.113.2.plesk.page to subdomain.203.0.113.2.example.com to have own domain for branding reasons

Please add GUI buttons for common npm scripts in Node.js extension.
For example, implement the buttons to execute "npm start" and "npm build" - this will be helpful in case the application does not have a classic startup file and has to rely on npm scripts

Add the ability to manage the default WordPress Toolkit Security Measures before setting up the instance, e.g. via some options in panel.ini.

Add feature of sending an email notification to customer when customer/domain is suspended manually.

Add a hook for https for docker proxy rules:

https://talk.plesk.com/threads/docker-the-plain-http-request-was-sent-to-https-port.365419/

Please implement a toggle in the WordPress Toolkit security section to disable / prohibit XML-RPC entirely, not just pingbacks like in the current state.

I only use Plesk for mail hosting and there is too much junk I do not need. I would love to see an email-focused Plesk version that provides all the necessary tools to have the best email hosting panel and appropriate licence. No WordPress or other server tools. Just focus on email security delivery and management with a special licence.

The problem we are facing is that Plesk's Node.js extension expects an entry point for the app (like app.js) but next.js doesn't work that way.
The expected workflow as explained here (Learn - Deploying a Next.js App | Next.js) is to run the app using npm via the command line using "npm start" after you have built the app and next.js handles the rest internally.

It'd be great to have an option to permanently alter the grafana's charts properties(colors, etc.)

Please add a way to limit the number of aliases for mailboxes on the Subscription or Service Plan level.

It would be great to have an ability a report of the total number of emails sent by each user per month or other timeframe

It'll be useful to have multiple vhosts, mailnames, dumps directories at the same time.
When the server gets out of disk space it'll be great to be able to just add a new disk and use its disk space without changing the location of the original directories.

We want to use an email gateway on our Plesk servers, however when adding such gateway in Whitelist, other services still take place (for example SpamAssassin, which marks emails as spam).
That shouldn't be like this, and we expect that when whitelisting a server, mails from it will always arrive.

Everytime I clone an wp site from dev to prod I have to run search and replace after because the cloning feature does not automatically adjust the database urls.