Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

I suggest you ...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support for HTTP Strict Transport Security / HSTS

    I'm wondering if Plesk also will implent HTTP Strict Transport (or HSTS) Security in the GUI. It's an extra layer of security for sites who need to be extra secure.

    It's being done with a special header (mod_headers for Apache) and a TLS connection. The client (browser) can then verify if the server is the real server and not a man-in-the-middle server/attack.

    It's as simple as adding the following code to the vhost config (HTTPS only!):

    Apache:
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

    Nginx:
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

    351 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      open discussion  ·  27 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
    • Assign separate SSL certificates for multiple mail servers

      Allow the ability to assign separate SSL certificates for multiple mail servers.

      78 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        20 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

        This is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!

        —rk

      • Add Mailman support to Let's Encrypt

        Please add Mailman support to Let's Encrypt.

        Ideally, one could issue either a certificate directly for lists.domain.com or a wildcard certificate for *.domain.com.

        Furthermore, a secure connection should be enforceable.

        Thanks!

        32 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          9 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
        • Allow disabling of Let's Encrypt on a domain by domain basis

          Currently, when giving users the ability to access SSL to add their own certificates, they can also view Let's Encrypt and create free certificates. It would be useful to allow users access to add their own certificates without giving them access to use Let's Encrypt and there is currently no way to do this.

          Additionally, any users logging in to manage their domains can see Let's Encrypt (although cannot use it) and we keep getting asked about it, so it would be useful to hide this off for users unless they specifically need access.

          7 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
          • SSL Certificate changes should be reflected in Action Log

            SSL Certificate changes are currently not logged in Action Log in any way. Such changes should be logged as they are part of hosting settings.
            Yet, they should reflect the certificate details (e.g. "Certificate A was changed to certificate B").

            5 votes
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
            • Allow certificate upload as .pfx container

              If you have a .pfx file containing Certificate, Private Key and CA certificate, allow to upload that container with one step.

              This way, a customer doesnt have to use tools like openssl to extract and convert the certificate themselves.

              .pfx is the preferred format on windows plattforms ,e.g. when you export a certificate from another IIS-based server.

              4 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
              • Add ECC CSR support

                Now Plesk uses RSA encryption method, but we would like to use ECC CSR support as it's considered more modern.

                2 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  1 comment  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                • Option to disable SNI for a domain in SSL Settings

                  If a domain has SNI disabled from IIS > Site > example.com > Bindings, Plesk reverts it back to Enabled when it pushes changes to IIS.

                  It would be nice to have an option in the domain's SSL settings to turn ON/OFF SNI and lock it.

                  2 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                  • Plesk Let's Encrypt and support for ECDSA certificates

                    As you probably know, Let's Encrypt supports ECDSA certificates. Shorter handshake time, fewer data to transfer, faster page load time in the result.

                    I suggest Plesk feature - add option choose between RSA and ECDSA certificate when signing with Let's Encrypt.

                    Best regards, Mike

                    2 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                    • Allow both HTTP and HTTPS version of websites to be forwarded. It's 2018, this is vital.

                      This is all about security, it's simply not a fully developed product without this facility and I am hugely shocked and surprised it doesn't already exist.

                      2 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        5 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                      • Remove 'Secure with an SSL/TLS Certificate' from 'Add a Subdomain'

                        When adding a subdomain, it takes (at least at my webhoster) 15 min before the changes take effect. If one checked 'Secure the domain with Let's Encrypt' on the page 'Add a Subdomain', an error is thrown because the newly created subdomain is not available in time.

                        Therefore, I suggest taking this 'feature' off the 'Add a Subdomain' page.

                        1 vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

                          The time required for subdomain to become available depends on a many factors. In your particular case it takes a long time, in lot of other cases it works fast. Hoster can configure the server to wait longer, so, the feature can works even in your case.

                          That’s why we have no plans to remove this.

                          But anyway, everyone, please continue voting for this feature if you consider it important. If we’ll see a lot of votes for this request, we’ll reconsider it.

                        • Option to not select alias domains in Let's Encrypt by default

                          By default, the Let's Encrypt extension pre-selects all alias domains of a domain to be included in the Let's Encrypt certificate. This can lead to some unwanted results, for example when one of the alias domains is removed from the DNS at a later stage (because it was only used for testing) which would result in Let's Encrypt being unable to renew the certificate.

                          It would be nice if there was an option that allows us to configure that alias domains should _not_ be selected by default in the Let's Encrypt extension.

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                          • I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.

                            I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.
                            For example
                            If example.com is another server, SSL certificate of www.example.com can not be acquired by Let's encrypt
                            I want you to be able to do it.

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                            • Remove default certificate and set Let's Encrypt certificate as default when securing Plesk login page

                              When securing Plesk with Let's Encrypt, the default certificate should be removed and/or the generated Let's Encrypt certificate should be set as the default one.

                              Such Let's Encrypt certificate should be automatically applied to mail too, and in such case, if server hostname is changed later, that certificate should be automtically reissued, or at least a warning should be generated.

                              1 vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                              • Simplify adding a renewed ssl certificate (that uses the existing private key)

                                Currently, to install a manual certificate:

                                1. Copy private key, paste private key, update Cert and CA
                                2. Go to Web Settings, change certificate to new one

                                Proposed process:

                                1. Select "Add Certificate" option next to the certificate
                                2. Private key automatically reused (perhaps read-only or hidden by default)
                                3. Name, Insert/Upload Certificate and CA
                                4. Show a "Replace certificate" option, that will update the domains that used the original certificate.

                                1 vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
                                • Don't see your idea?

                                Feedback and Knowledge Base