Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
2086 results found
-
Prevent Postfix from modifying "From" Header for authenticated users.to mail address that doesn't belong to them
An authenticated SMTP user (e.g., user1@example.com) is able to send emails with a different "Mail From" address (such as user2@example.com), even though both addresses belong to the same domain. This behavior is undesired, as it allows users to impersonate other valid users within the domain.
Our goal is to prevent this kind of spoofing by enforcing a match between the authenticated SMTP identity and the actual sender address.
2 votes -
customize the link of full documentation on Mail Client Setup
Provide to user the abilitiy to customize the link from "see full documentation with screenshots" and customize the URL in this link in Domains > example.com > Mail > Mail accounts > Mail client setup:screenshot points to a custom link
2 votes -
Add CLI Support in WP Toolkit to Apply Security Measures (e.g., disable XML-RPC)
Currently, WordPress Toolkit in Plesk does not support applying security measures (such as blocking access to xmlrpc.php) via CLI.
This limits automation and scalability, especially for hosting providers managing multiple WordPress installations.
Please consider adding CLI options to apply specific security measures—similar to what’s available in the UI and API—for improved scripting and bulk management capabilities.
2 votes -
Show LetsEncrypt certificate expiration date in certificate management
As LetsEncrypt keeps on telling me to renew my certificates and plesk tells me that it automatically renew's 30 days before expiration, it would be handy to actually SEE the expiration date in the Certificates overview under Tools&Settings -> SSL/TLS Certificates directly in the list view and also in the detail view of the certificate, if you click on one certificate.
1 vote -
add read-only API access
Especially for automatically executed scripts that use the XML or REST API, it would be much more safe and secure to have read-only credentials.
For instance, for a script that automatically publishes the current list of sites on our intranet, and a script that uses what's in Plesk for automatic billing, we really don't want to store credentials with them that allow them (or anyone who steals those credentials), to change anything (e.g. delete everything).
This requires the creation of a new type of attribute on users or authentication tokens: read-only.
Ready-only users or tokens can be used to make…
1 vote -
Add a configurable option in Plesk to retain the existing private key when renewing a Let's Encrypt SSL certificate
Add a configurable option in Plesk to retain the existing private key when re-issuing or renewing a Let's Encrypt SSL certificate.
This would be useful in environments where DANE/TLSA support is enabled. Retaining the same private key ensures that TLSA records (e.g., type 3 1 1) remain valid across certificate renewals. This is critical for maintaining secure SMTP delivery and avoiding disruption in DNSSEC-enabled domains.
3 votes -
Create a tool to anonymize logs before it rotated using a cronjob
Create a tool to anonymize logs before it rotated using a cronjob. It still have time to be processed by fail2ban and modsecurity, but still GDPR compliant.
2 votes -
Unable to select “All” domains in Plesk: Option missing from dropdown
In Plesk, the "All" option for selecting domains on the Domains page is hidden when the number of domains exceeds 500.
While this improves performance, some administrators require the ability to select and print all domains and aliases.
It would be helpful to make this behavior configurable — e.g., via panel.ini or a toggle — for experienced admins on high-performance servers.2 votes -
Limit site bots instead of blocking
Bots blocking negatively affects sites SEO.
Need ability to limits bots instead of blocking2 votes -
reject email when dkim is missing
Add the ability to configure Plesk to reject all incoming emails that have no DKIM.
In other words, when email comes with DKIM Feed: No signature1 vote -
Automatically Disable Maintenance mode
It would be nice to make it possible to automatically disable maintenance mode if a timer is connected (like a checkmark to disable maintenance mode when timer expired).
We quite often want clients to publish their sites early in the morning (5am/6am) and have to set an alarm outselves, wake up at night, just to disable the maintenance mode.
We always put a count down timer when the website goes online. It would be nice if once the timer is finished the maintenance mode would get disabled so we wouldn't have to do this manually.
1 vote -
add a general rate limit option for service connections in iptables
Similar, but not the same as proposed in https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/46431970-add-rate-limiting-rules-to-fail2ban
Problem:
Scrapers and bad bots are reacting to an increased propagation of Fail2Ban bad bot rules. Their new tactic is to collect a number of domains hosted on the same ip address first, then to send burst style requests to all these domains "at once" so that they get a response before Fail2Ban rules kick in to ban the ip address of the requestor. Since 3/2025 in some cases it has been observed that these attack style bursts can be so massive that they drive up the cpu usage of a…1 voteThis is a valid request, so we'll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
-- SH
-
Scheduled Plesk repair runs with admin email notification in case of errors
schedule plesk repair so it runs at specific times and notify admin of any errors
2 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Limited service plans for resellers
Resellers can now create their own service plans. It would be a good addition that resellers can only use predefined service plans, so that hosting providers have more control on eg. CPU and memory allocation.
7 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Implement Ubuntu 22 to 24 upgrade script
Implement Ubuntu 22 to 24 upgrade script
2 votes -
Introduce a built-in CLI tool (e.g. plesk bin monitoring) that allows administrators to monitor and report memory limit breaches
Introduce a built-in CLI tool (e.g. plesk bin monitoring) that allows administrators to monitor and report memory limit breaches across multiple domains or subscriptions.
The goal is to provide a fully CLI-based method for identifying which domains have exceeded memory limits — particularly in environments where GUI-based tools like Resource Controller (ResCtrl) are disabled, or when automated monitoring scripts are needed.
2 votes -
Synapse Matrix with Element and Synapse Admin incl. coturn etc..
Synapse Admin with Element Web and Synapse Admin incl. coturn and User regestration .
1 vote -
External Links inside Plesk CP
Open all external links from inside Plesk CP with new tab. Currently only about half of these links open in new tab and it's a PIA when they don't.
1 vote -
MFA extension does not generate security codes
Most accounts with MFA have the option of generating emergency one-time codes to ensure continuity of the account. Currently, If one user loses its MFA device, the extension has to be reinstalled, which will cause all users having to reset their tokens,
2 votesThis is a valid request, so we'll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
In the meantime, if a particular user loses access to their MFA device, you can deactivate MFA only for that particular user by:
- Logging into Plesk panel as the admin user
- Navigating to Extensions > Multi-Factor Authentication (MFA) > Accounts tab
- Clicking on the Minus icon next to the corresponding user.
It is not necessary to completely reset MFA and affect all users on the server.
-- SH
-
Option to disable image optimization in Sitejet galleries
Currently, Sitejet galleries apply automatic image optimization including resizing and cropping. While this works well for most use cases, it introduces issues for specific workflows where image quality is critical — for example, high-resolution photography or imported images that were already optimized.
We suggest adding a checkbox to disable image optimization per gallery image, similar to how the “Optimized” toggle is being considered for regular image elements. This would allow developers and designers more control over the final output.3 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
- Don't see your idea?