Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please develop a "Two-factor verification" option

    Please develop a "Two-factor verification" option using email and google authentication app or mobile to log in to Plesk for additional security against cyber attacks.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Create security.txt

    Help admins and customers to create a security.txt file when creating a site in Plesk Panel, see https://securitytxt.org/
    No details yet.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. mac authenitcation support

    Hi there,

    i have the 2 step authentication active on plesk login but it only provide support for google authenticator. and plesk is the only website i have in google authenticator so i have to keep the app just for plesk. Please add support for apple also where we can setup 2step authentication with setup key in keychain passwords or any other app easily with relying on google. thanks

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Implement logic for DDOS protected domains

    As a hosting company we should have an option to give customers ddos protection.

    The only implementation that works great is taking a domain, secure it with ddos protection service and generate customers a subdomain under this domain.

    Lets say, example.com is protected under ddos protection software.
    A customer clicks on "add domain" and if we blocked the option to add any domains, there will be only generated a subdomain under example.com, EG: website1223153.example.com

    This subdomain would be protected by a ddos protection service.
    The customer can create a CNAME to website1223153.example.com in order to connect his domain to the…

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Add support to Atomicorp rulesets for ModSecurity 3.0 (nginx)

    At the moment you can only choose the OWASP ruleset in the Plesk UI for ModSecurity 3 (nginx). Please add support to Atomicorp rulesets as well.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. Manage all Firewall rules via Plesk GUI on Plesk for Windows

    Ability to manage Windows Firewall rules not added by Plesk. I.e., the rule added by MySQL installer

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. add option to preload hsts

    can you add the option to the hsts switch to add preload option?

    i have to disable the hsts switch and manual add this option to the Nginx directive as so

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Add Plesk password generate button to the Create user for the protected directory form

    Add a Plesk password generate button that matches with the server password policy level in the Create user for the protected directory form

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Make Plesk Firewall add/change rules incrementally without restarting the whole service

    Make Plesk Firewall add/change rules incrementally without restarting the whole service.

    Now Plesk firewall reloads all rules in iptables when rules are changed in firewall (all rules are added anew). If there is a long list of blacklisted IPs or server is under a brute-force attack and there are a lot of IPs blocked by the Fail2Ban, adding/changing any rule via Plesk Firewall will cause server restart that is taking a lot of time due to a large number of blocked IPs.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. NS in the firewall

    About the firewall, access can currently be allowed from manually added IP addresses. I think it would be a good idea to be able to add nameservers to allow FTP and SSH access from places where the IP changes periodically.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. Add a possibility to enable debug for iptables using Kernel TRACE

    It would be great to have an ability to enable dubugging as describe here: https://serverfault.com/questions/122157/debugger-for-iptables/126079#126079 using Plesk Firewall

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. Restrict webmail based on IP address

    It would be great to have a way to limit webmail access for a given domain by IP address, so that the client has to be in their office network, or VPNed in to their office in order to access webmail.domain.tld

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. Show if server needs reboot

    It should be nice to have a notification if server needs reboot inside plesk.

    Like after big updates ( kernel , os components ... )

    Like message when you connect to SU in SSH.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. Prohibit using same passwords

    Forbid specifying an already used password as new when resetting it.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. Create option to allo Plesk login via CLI only

    Allow customers to set Plesk login so that it only accepts the CLI-generated secret key and will not take in credentials. This will essentially work as a 2FA enforcement as only admins with SSH access will be able to log into Plesk, thus reducing the exposure to brute force attacks.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  17. Disk encryption

    Disk level encryption.
    Similar to what AWS offers with RDS.
    Encryption at rest for the entire server rather than doing it column by column manually.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  18. To make it easier to configure DKIM, SPF, and DMARC Protection are automate the process

    The guidelines about how to enable DKIM, SPF, and DMARC Protection are difficult to read and understand how to implement. It would be easier to automate this process. Especially because those are very important for mail and web safety.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  19. I need TTF (True Type Font) support for use with/in a PHP Captcha class.

    There are different kind of Security steps we have to take in use for the user interaction. CAPTCHA is the main item in this respect when we provide users with front end data input(via any form) and in some cases all forms do not support Google Re-Captcha, then we have to use custom PHP Captcha class to complete the security steps of user submitted data within a form.

    For most of the character based Captcha, they mostly used TTF font (True Type Font).

    So, Please add support for TTF Fonts with Plesk.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  20. support algorithm 16 (ed448) in DNSSEC

    Recognising the increasing challenges in these times, would welcome the implementation of the Edwards-curve Digital Signature Algorithm (EdDSA) type ed448 for security and to keep ahead of the curve (sic.) on the cryptographic front...

    interesting tool here too for those interested in checking out where they're up to with browser support (and to know the differences between the different algorithms): https://ed448.no/

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
← Previous 1 3 4 5 6 7
  • Don't see your idea?

Feedback and Knowledge Base