Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
2099 results found
-
Adjust the Website Log Checker to not show errors related to blocked xmlrpc.php requests by ModSecurity
Currently, Website Log Checker flags rejectred access to xmlrpc.php as issues of "Modsecurity: access denied with access code 403" kinds of errors. Additionally, the requests to xmlrpc.php is being blocked by WP Toolkit security measure "restrict access to xmlrpc.php"
ModSecurity protects website by detecting and blocking dangerous requests. If ModSecurity rules are disabled, the extra layer of protection is lost.
Relying only on WP Toolkit to block access is risky. If I forget to set it up, my site could be left vulnerable. ModSecurity is reliable, and I woouldn’t remove it just to clean up logs.
My Suggestion: Adjust the…
2 votes -
Disable custom Service Plans for Reseller
I genuenly need the option to disable the creation of Service Plans on the Reseller level. So all Service Plans (or selected) from the Admin will be available for the reseller to choose from.
Background:
As an Admin I would like to define the service packages, so the Reseller can Choose from the service packages for new users / domains but cannot create or edit them.
So I can have Resellers which can build Websites and manage Customers ontop of my existing pricing structure.Thanks for your Votes and the Implementation.
1 vote -
Add the amount of banned IPs to the IP Address Banning (Fail2Ban) page. Not just on the home screen.
When I am in the screen for Tools & Settings / IP Address Banning screen, it would be helpful to see the number of banned IPs in the top of the screen of the "Banned IPs" tab. Instead of only seeing the list of IPs that are banned and amount amount of pages worth. This seems really simple, but for me it would be effective to quickly see at a glance how many IPs are actually being banned at any given time. This would be a great feature for the newest update of Plesk Obsidian. I am using the WebPro…
1 vote -
Allow importing external DNSSEC keys (KSK/ZSK) into Plesk DNSSEC interface
Allow importing external DNSSEC keys (KSK/ZSK) into Plesk DNSSEC interface
Currently, Plesk’s “Use Existing Keys” DNSSEC feature only works if keys were previously generated by Plesk itself and are already present in its internal database.
There is no way to import an externally generated KSK/ZSK key pair into Plesk’s DNSSEC interface, which makes DNSSEC domain migrations difficult. Users are forced to either rotate the keys and notify the parent zone (risking downtime) or perform manual workarounds outside the GUI.
It would be valuable to add a supported method in Plesk to import legacy DNSSEC keys, allowing seamless migration of already-signed…
2 votes -
8 votes
Thank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Add option to create temporary admin account in WordPress Toolkit for support access
Our customers regularly ask us to assist by logging into their WordPress site. It would be very helpful if the WordPress Toolkit had an option to create a temporary additional admin account, allowing us to log into their WordPress website securely for troubleshooting or support.
4 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Add backup restore (sw-tar) multithreading
Plesk uses its internal sw-tar program for unpacking backups, which currently lacks multithreading support. This results in a significantly slower recovery process when handling a large number of files or large data volumes.
Given the continuously growing data volumes and increasing file sizes, it is time to implement this feature.
5 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
2 votes
-
Secure one way encrypted password storage (no mail_auth_view for gdpr, pci-dss, nis2)
Mail password are encrypted but not hashed.
Clear text password are available using the utility
/usr/local/psa/admin/bin/mailauthviewThis is just symmetric everyone not the good practice. See OWASP :
https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.htmlIt does not meet many regulations (often referring to good practices or OWASP) and it's an unnecessary security risk of password exposure.
Please add an option to have mail user password hashed one way.
Thanks.
2 votesThank you for your input. We are already working on storing only password hashes, rather than actual passwords. I cannot provide any ETA at this moment.
-- SH
-
Show LetsEncrypt certificate expiration date in certificate management
As LetsEncrypt keeps on telling me to renew my certificates and plesk tells me that it automatically renew's 30 days before expiration, it would be handy to actually SEE the expiration date in the Certificates overview under Tools&Settings -> SSL/TLS Certificates directly in the list view and also in the detail view of the certificate, if you click on one certificate.
1 vote -
add read-only API access
Especially for automatically executed scripts that use the XML or REST API, it would be much more safe and secure to have read-only credentials.
For instance, for a script that automatically publishes the current list of sites on our intranet, and a script that uses what's in Plesk for automatic billing, we really don't want to store credentials with them that allow them (or anyone who steals those credentials), to change anything (e.g. delete everything).
This requires the creation of a new type of attribute on users or authentication tokens: read-only.
Ready-only users or tokens can be used to make…
1 vote -
Forward domain logs to an external server through syslog
Provide the functionality to forward the domain logs to an external server using syslog.
4 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
GDPR Compliance – Add Impressum & Privacy Policy Links to Plesk Login Page
To fully comply with GDPR requirements, it would be beneficial to have an option in Plesk that allows adding links to the Impress and Privacy Policy directly on the login page. This ensures that users have transparent access to privacy-related information before logging in.
Requested Features:
Ability to specify Impressum and Privacy Policy URLs via the Plesk UI or a configuration file.
Display of these links at the bottom of the login page (e.g., as a footer or a separate section).
Optional: Customizable link text (e.g., "Impressum" and "Privacy Policy").Benefits:
Ensures GDPR compliance by making legal information easily accessible.…
2 votes -
Add means to control which Master IP address (Private or Public) will be referenced on slave DNS servers
Currently, If Public IP address is added on the Master DNS server under Tools & Settings > IP addresses, all new zones created afterwards will have Public IP address in .nzd/nzf file on the slave DNS server. In case of Google Cloud/AWS this might not be the desired behavior since they recommend to keep the DNS traffic on the private network. Some means of controlling which Master IP address is being referenced on the slave configuration is required.
2 votes -
reject email when dkim is missing
Add the ability to configure Plesk to reject all incoming emails that have no DKIM.
In other words, when email comes with DKIM Feed: No signature1 vote -
Automatically Disable Maintenance mode
It would be nice to make it possible to automatically disable maintenance mode if a timer is connected (like a checkmark to disable maintenance mode when timer expired).
We quite often want clients to publish their sites early in the morning (5am/6am) and have to set an alarm outselves, wake up at night, just to disable the maintenance mode.
We always put a count down timer when the website goes online. It would be nice if once the timer is finished the maintenance mode would get disabled so we wouldn't have to do this manually.
1 vote -
Add support of Drupal CMS to Plesk
Please add support of Drupal CMS to Plesk
Note: it is not the same Drupal which is available in Plesk application catalog
For details please see this link: https://new.drupal.org/docs/drupal-cms3 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Allow possibility to set Let's Encrypt certificate for forwarding domain when the server is using LiteSpeed.
LiteSpeed is a supported web server on Plesk (e.g. unlike Lighttpd or OpenLiteSpeed), so all Plesk functionality should work with it.
It's important that this option is available to the customers via the GUI2 votes -
add a general rate limit option for service connections in iptables
Similar, but not the same as proposed in https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/46431970-add-rate-limiting-rules-to-fail2ban
Problem:
Scrapers and bad bots are reacting to an increased propagation of Fail2Ban bad bot rules. Their new tactic is to collect a number of domains hosted on the same ip address first, then to send burst style requests to all these domains "at once" so that they get a response before Fail2Ban rules kick in to ban the ip address of the requestor. Since 3/2025 in some cases it has been observed that these attack style bursts can be so massive that they drive up the cpu usage of a…1 voteThis is a valid request, so we'll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
-- SH
-
Add a warning and way to switch SOGo webmail to/from regular and nightly repos
SOGo webmail has two repositories, regular and nightly releases. There should be a way to switch between them from Plesk, without having to reinstall the software manually.
Additionally, reinstalling the software removes all configurations. Plesk should have a warning for this, or make it so that they're not lost.
2 votes
- Don't see your idea?