Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add function to block virus/trojan sender (Kaspersky KAV)

    Every day I get thousands of virus and trojan mails that are filtered by Kaspersky. But there is no possibility to block the senders of these mails.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    Kaspersky Antivirus is a module that scans incoming and outgoing mail traffic on your server, and removes malicious and potentially dangerous code from email messages.
    Do you think that your request should be addressed to developers of this extension – Kaspersky Lab instead of Plesk?
    Isn’t it?


    IG

  2. User Role Permissions

    Users with permissions to edit roles can edit rights that they do not own and create roles with rights that they do not own. It would be ideal if a user who has the permissions to edit roles can only change and assign rights that he owns.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add the possibility to protect Plesk panel with Web Application Firewall (ModSecurity)

    Plesk should provide a way to secure the Plesk administration panel with the Web Application Firewall (ModSecurity).

    Currently, when Plesk is accessed via 8443, Apache is not handling any request. However, when Plesk is accessed via port 443, Nginx is working as a proxy.

    This setup should be changed, Apache should work as a proxy to be able to filter the HTTP request with ModSecurity, adding an additional security layer.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add possibility issue Let's Encrypt SSL certificate for mail server when the "A" DNS record for domain is pointing to another server

    This feature is required for users with the configuration when on the Plesk only mail server for domain is used.

    "A" DNS record for mail.example.com is pointing to Plesk server, when when "A" record for example.com is pointing to another server.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. independent passwords for database and user interface

    To allow Plesk to have an independent admin user password for database, which won't be the same as the graphical user interface.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Centralized SSL Certificate Support

    I would like if you guys can add Centralized SSL Certificate Support in Plesk GUI, it would be easy to manage,
    as I had added a UNC path (\172.16.0.11\shared-certificates) in my Plesk via command line but now I cannot switch back to local path (C:\shared-certificates) as it was configured with UNC path & if I add a local path via command line, it says that the UNC path is not available even though I am using local path.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. SEO 301-Forwarding HTTP to HTTPS for webmail.x.x too

    Same as for websites www.x.x, but for webmail adresses webmail.x.x
    It's security relevant, because http://webmail.x.x ist still default.

    tia
    Andreas

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Nginx Jails to Fail2Ban

    Plesk has - praise be - increasingly better supported Nginx, now with the option to use only Nginx, which is great.

    That being so, now we need the next logical step: The Fail2Ban Jails for Apache are available, but will have no effect, as Apache is not used at all any more. So we need some Jails for Nginx.

    This is not exactly rocket science, there are plenty of examples to be found on the web, the Fail2Ban distribution has some, and here's an article on digitalocean:
    https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-server-with-fail2ban-on-ubuntu-14-04

    Search for: fail2ban nginx 404
    E.g. https://nichteinschalten.de/apache-nginx-404-fail2ban-regex/
    Note The 404 code is…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow adding additional users to a subscription with granular selection of which domain/subdomains he can manage.

    Allow adding additional users to a subscription with granular selection of which domain/subdomains he can manage.

    So that if subscription example.com contains 1.example.com 2.example.com 3example.com.
    We can select as an example only the subdomain 1 and 3

    Same for other components like databases.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Plesk for Windows - RdpGuard

    Please include the security system RdpGuard (https://rdpguard.com/) in Plesk for Windows. And please add configuration from Plesk.
    This is a very good alternative to IP2ban (which is only for Linux).

    Thanks

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Password-protected directories: LDAP / Active Directory

    Fetch users from AD for Password-protected directories

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Adding google recaptcha to plesk login area, or any captcha validation

    Adding google recaptcha to plesk login area, or any captcha validation

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. OWASP security recommendation hide php version from web server by default

    I've noticed that in a default plesk installation the web server is configured to disclose php version. This could be exploited especially with a lot of websites running insecure php versions still.

    I think it's not much trouble to implement this simple "security through obscurity" step to not disclose this information and help attackers detect vulnerabilities in PHP itself.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. WebAuthn two-factor-authentication at the webinterface (FIDO, FIDO2, U2F)

    Implementing the new standard WebAuthn would be the best solution for 2FA.

    23 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email notifications/alerts for Modsecurity (WAF)

    It will be great to have the ability to receive an email notification from Modsecurity (WAF) when protection has been breached with corresponding breach information (SQL injection, Command injection, Cross-site scripting, etc.).

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Individual Users should have access to setup their own Session Expiry Time on Plesk

    Since Hosting providers use plesk on Shared Environments where users are forced to use the same session expiry time shared on hosting server for all shared clients. If Plesk can provide the logged in shared user to set their own Session Expiry time then it would be superb.

    Regards,
    Mody

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Enable OCSP stapling ans HSTS for Plesk panel

    OSCP stapling and HSTS can now be enabled for domains using SSL It! estension.
    However these settings cannot be enabled while securing Plesk panel.
    So it will be really appreciated if such functionality is included in future Plesk updates.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add exceptions to automatic 301 redirects to https

    Automatic renewal of Let's encrypt certificates does not work when automatic redirects to https are enabled.

    It seems that Let's encrypt needs do excess the .well-known directory over http and fails if it receives a 301 redirect. It would be helpfull if the redirect could be specifically disabled for certain directories.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Social Login SSO - Microsoft O365 Support

    Support Microsoft O365 for the Social Login extension for single-sign-on (SSO).

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide ModSecurity 3 modules for supported operating systems

    ModSecurity 3.0 was released about a year and a half ago, and the 2.x branch support seems to decline.

    In addition to that there are some features of ModSecurity 3.x, that would be nice to have:
    * Proper support for webservers other than Apache, without having to resort to an Apache-like wrapper module running within other web servers
    * Better performance due to the architecture rewrite
    * GeoIP2 databases support out-of-box (MaxMind no longer provides new Legacy-GeoIP databases, so this would be very good to have)

    Considering that newer *nix OS (Debian 10, CentOS 7 through EPEL) ship libmodsecurity-3, I…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base