Skip to content

I suggest you...

← Feature Suggestions

add backup password protection to Backup Manager Backups (NO..it doesn't have it at the mo)

This may also be a security issue.
Currently there are no special protection of user content in the backup. Plesk protects only its sensitive data, web content archived without any encryption.

If some gains ADMIN access to a wordpress/drupal/other web applications install parts of the Plesk container file system, cron jobs, etc will be compromised and would undoubtably increase exponentially the chances of the system to be exploited with virus, rootkits, malware “indirectly” affecting Plesk. (as an analogy no point to build a metal wall if the door is still glass)

So, in other words ... if a wordpress installation is compromised the installations of malicious (or not) plugins can lead to the installations of rootkit, malware and virus at the container. I cannot see for a second how this would be good for any Virtuozzo container running Plesk and how you could consider Plesk not being affect if for instance the container is used to conduct a DDOS to a random host.

Initial Thread
http://forum.odin.com/threads/plesk-12-x-x-backup-manager-encryption-security-issue.334691/#post-786917

115 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Ricardo shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
planned  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded  · 

Hello,
Thanks for your input, we understand the importance. This Feature request is registered in our tracking system as PPM-344 and it will be included into future Plesk versions. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Report

    I cannot believe this is still not available in 2018... That is a shame!

  • Anonymous commented  ·   ·  Report

    2 years later, plesk 17 and this is still an issue. please allow encryption of the whole backup data.

  • Anonymous commented  ·   ·  Report

    If you do not want to add password protection feature of end-user sensitive data (database, web files, web configurations), we think it will help to provide better descriptive label of that feature than "Use password protection" on Plesk Control Panel. Because most people would think that it will protect all their web files, database, but not just plesk control panel's password.

  • John commented  ·   ·  Report

    +1 for the entire ZIP backup file contents to be password protected!

2 Next →

Feature Suggestions: Backup / Restore

Categories

Feedback and Knowledge Base

(thinking…)