Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
-
Please develop a "Two-factor verification" option
Please develop a "Two-factor verification" option using email and google authentication app or mobile to log in to Plesk for additional security against cyber attacks.
4 votes
This functionality has been available for a long while with the Google Authenticator extension that can be installed for free from the extensions catalog.
-- PD
-
upgrade owasp modsec 3.3.2
Hi devs !
Actual plesk owasp modsec version is 3.2 from 2019.
Could you update to the last version? (3.3.2)
Thanks in advance
1 vote
It is already there:
Plesk 18.0.40
[root@ppu18-0 ~]# rpm -qa plesk-modsecurity-crs
plesk-modsecurity-crs-3.3.2-2.centos.7+p18.0.38.0+t210825.1032.x86_64
Please use the latest version of Plesk.
-- IG
-
To make it easier to configure DKIM, SPF, and DMARC Protection are automate the process
The guidelines about how to enable DKIM, SPF, and DMARC Protection are difficult to read and understand how to implement. It would be easier to automate this process. Especially because those are very important for mail and web safety.
2 votes
When you add a domain in Plesk and Plesk is also the nameserver for your domain, DKIM, DMARC and SPF records are automatically added to the DNS configuration. If you do not have DKIM enabled by default but add it later, the record is added to DNS, too. There is no need for manual configuration when you use Plesk for DNS.
-- PD
-
I need TTF (True Type Font) support for use with/in a PHP Captcha class.
There are different kinds of security steps we have to take in use for the user interaction. CAPTCHA is the main item in this respect when we provide users with front end data input (via any form) and in some cases all forms do not support Google Re-Captcha, then we have to use custom PHP Captcha class to complete the security steps of user submitted data within a form.
For most of the character based Captcha, they mostly used TTF font (True Type Font).
So, Please add support for TTF Fonts with Plesk.
2 votes
TTF themselves are just font files. If you want to create images including TTF fonts, this is solely done by your software and does not need any specific support on the web server or operating system. If you want to enable TTF downloads, meaning that TTF can be used by surfers directly from your website, you need to add a MIME type for your file. This can already be done and is described here: https://support.plesk.com/hc/en-us/articles/115003017653-How-to-configure-MIME-types-for-a-domain-in-Plesk
Should this not meet your expectations, please add a more detailed description to this feature request what you understand by "support for TTF fonts".
-- PD
-
Place a reset security key in Plesk so when people like myself can not enter
I suggest you have an override security key to access inaccessible servers, my server is not accessible at present and if only an ssh key that plesk owned could access with client credentials applied also to do a 2fa style system so no privacy infringement aware broken
1 vote
You can always get/reset Plesk admin password with help of this KB article, for example https://support.plesk.com/hc/en-us/articles/213381869--How-to-get-reset-lost-Plesk-Administrator-password-in-Plesk-for-Linux
-- IG
-
Add the notification in Plesk that Fail2ban is enabled or disabled
Add the notification in Plesk that Fail2ban is enabled or disabled so that Plesk Admin can see if Fail2ban service is working or not in Tools&Settings > Fail2Ban, e.g. "Fail2ban is active".
3 votes
The information is available on the start page dashboard as "IP Address Banning". Inside the Fail2Ban configuration it is available on the "Settings" tab (checkbox "Enable intrusion detection").
-- PD
-
How can I update the PHP-version?
The PHP-page does not give that possibility.
Please make one.
1 vote
Plesk regularly updates versions of PHP. You can verify this in our changelog – https://docs.plesk.com/release-notes/obsidian/change-log/
You do not need to worry about it.
-- IG
-
SEO 301-Forwarding HTTP to HTTPS for webmail.x.x too
Same as for websites www.x.x, but for webmail addresses webmail.x.x
It's security relevant, because http://webmail.x.x is still default.
tia
Andreas
4 votes
-- PD
-
Add exceptions to automatic 301 redirects to https
Automatic renewal of Let's encrypt certificates does not work when automatic redirects to https are enabled.
It seems that Let's encrypt needs to access the .well-known directory over http and fails if it receives a 301 redirect. It would be helpful if the redirect could be specifically disabled for certain directories.
3 votes
Certificate renewals became independent of tokens hosted in user directories and since then can be done regardless of the SSL/non-SSL setting.
-- PD
-
1 vote
-- PD
-
Block client IP for SQL Server for multiple failed logins remote connection
When database remote connections are allowed from any host, there are numerous failed login (hacking) attempts.
Database logs show failed attempts are usually for multiple login Ids and from multiple IPs at the same time.
Although strong passwords ensure safety to a level, it would be better if such attempts could be blocked to some more extent by configurations/settings like:
* Blocking an IP after n failed login attempts.
* Manually block/unblock an IP like a Blacklist/Whitelist IP option.
* Unblocking can be auto after a configurable time span e.g. 30 min, 6 hours, 24 hours etc.
* Database server…
1 vote
You can use Plesk fail2ban feature with special mysql jail. More details you can find here https://talk.plesk.com/threads/fail2ban-for-mysql.343704/
-- IG
-
CLI for Security Advisor
Plesk now has the wonderful Security Advisor feature. It desperately needs a CLI interface to automate securing websites on multiple servers, especially in the light of incoming changes to Chrome and Firefox, and Google search results requiring SSL.
1 vote
Please use
plesk ext advisor --help
Thanks.
-- IG
-
Easily manage ssh authorized keys per domain
Allow adding ssh keys to the "Web Hosting Access" page of a domain, so that I can easily share ssh access to a domain.
1 vote
Please use SSH keys manager extension https://ext.plesk.com/packages/2f00d082-7349-4d0b-bfd4-b4c624955806-ssh-keys
-- IG
-
Security: Support TLS1.3
Support the new version TLS1.3 for webserver and email. Most browsers already support it.
8 votes
The support of TLS v1.3 has been implemented in Plesk Obsidian and is available only for RHEL 8, CentOS 8, Ubuntu 18.04, Ubuntu 20.04 and Debian 10 because this protocol requires the version 1.1.1 of OpenSSL, available on official repositories of the aforementioned OSes. Also, TLS v1.3 support is enabled by default on all new Plesk installations on these OSes. For all details please see this KB article:
-- PD
-
nginx session cache
For a better SSLlabs rating add ssl_session_cache shared:sslsessioncache:10m;
1 vote
You can add this setting in Additional nginx directives for your site.
-- IG
-
You make it simpler for SSL to be installed. Also provide instructions in detail how to add a VPN and dedicated IP
Security and SSL are a topic that Google is stressing on.
It should be simple to implement SSL
1 vote
At the moment you can easily protect your site, webmail with SSL certificate using Plesk Let’s Encrypt extension.
Plesk VPN extension documentation is here – https://docs.plesk.com/en-US/12.5/deployment-guide/appendix-g-configuring-additional-plesk-components-linux/vpn-component.70444/
About using dedicated IP addresses in Plesk you can read here – https://docs.plesk.com/en-US/onyx/administrator-guide/server-administration/ip-addresses-management.59410/
-- IG
-
Update for rkhunter
An update for rkhunter would be very nice =)
1 vote
Rkhunter was updated to version 1.4.4 in Plesk Onyx 17.8 Preview 4 https://docs.plesk.com/release-notes/onyx/change-log/#contents-178-preview4
-- IG
-
replace the outdated rkhunter in the Watchdog module through state of the art technology
rkhunter as packaged is outdated, however, the project website seems not to be maintained any more and the last update is already years ago (current state: 24th of February 2014, which are 3+ years). There are many possible alternatives: chkrootkit is the easiest one, LMD a bit different, but also an idea, ossec, Lynis or OpenVAS would be additional interesting "upgrade" paths. However, rkhunter being outdated and not really maintained any more is somehow useless and should be replaced.
5 votes
Rkhunter was updated to new version 1.4.4 in Plesk Onyx 17.8
-- IG
-
SpamAssassin Global Configuration Bayes not working by default
If SpamAssassin is globally enabled, the Bayes Filter is not working by default anymore. The global bayes database has to be created manually. Also the "bayes_path" has to be configured in the configuration file. This could be automated. Also a cronjob which executes the sa-learn command every day would be great. The sa-learn command supports the star operator which makes it really easy to scan all mailboxes in one command.
1 vote
We have already /etc/cron.daily/60sa-update sa-learn cronjob enabled by default.
According to the SpamAssassin documentation – http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html , the Bayes system is not activated until a certain number of ham (non-spam) and spam email messages have been learned.
The default value is 200 of each ham and spam messages. It means that SpamAssassin begins to filter mails after 200 spam and 200 non-spam emails have been learned. These statistics are needed to distinguish spam mails.
This default value can be changed in /etc/mail/spamassassin/local.cf by using the following SpamAssassin options:
bayes_min_ham_num 100
bayes_min_spam_num 100
-- IG
-
What holds you from a brute force protection panel to take in Plesk
What holds you from a brute force protection panel to take in Plesk
1 vote
Included in Plesk Mod Security – https://docs.plesk.com/en-US/onyx/administrator-guide/server-administration/web-application-firewall-modsecurity.73383/, fail2ban – https://docs.plesk.com/en-US/onyx/administrator-guide/server-administration/protection-against-brute-force-attacks-fail2ban.73381/ will help you with protection from brute force attack.
-- IG