Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
42 results found
-
Add option to pass OCSP "must staple" to Let's Encrypt
It is possible to enable OCSP stapling, but not to pass the "must staple" option to Let's Encrypt, even though they support it, and it should be available in Plesk.
More people have pointed this out on the original post: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/7064969-include-oscp-stapling-directives-for-secured-sites
4 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Enable SSL session caching by default in Nginx configuration
SSL session caching is not enabled by default in Plesk's Nginx configuration, leading to the warning “Session resumption (caching): No (IDs assigned but not accepted)” during SSL testing (e.g., SSLLabs test). Without SSL session caching, SSL/TLS handshakes take longer and consume additional resources, impacting performance for returning users.
The following settings are missing in the Nginx SSL configuration file (/etc/nginx/conf.d/ssl.conf):
sslsessioncache shared:SSL:32m;
sslsessiontimeout 1m;Steps to Reproduce:
- Run SSL configuration tests, such as with SSLLabs, and observe the “Session resumption” section.
- Note the warning “Session resumption (caching): No (IDs assigned but not accepted)”, indicating the lack…
3 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Allow specifying of ports to open in firewall during certificate generation process to open and close again automatically
allow for specific ports to be opened when securing/ressecuring Let's Encrypt SSL certs.
For example, Lets Encrypt needs several ports open in order to reissue SSL so have a field to enter the ports to open when re issuing the SSL.
tcp:80, 443
udp:4433 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Letsencrypt wildcard certificate, check dns and continue automatically
When creating a wildcard certificate for a domain where we are hosting the DNS, letsencrypt creates the required DNS record automatically, but then shows a dialog telling us to check the dns before continuing.
Since plesk created the DNS record and the DNS points to our server, the plugin should be able to verify that the DNS is good and continue automatically.
If we are not hosting the DNS and we have to manually create the record before continuing, the tools can easily display a 'check dns' button that will do the dns lookup and confirm if good or not.
3 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Allow selecting SSL certificate for ip address from all certs managed by Plesk
When I configure an IP Address, then I can select an SSL Certificate and the Default site.
Sadly, Plesk offers only SSL/TLS certificate from the administrators repository. Mostly I would have needed the cert from the most important website on the server. Please make all known certs available.
3 votesThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Add an hsts feature to webmail in Plesk for Windows
It would be grate to have an opportunity to add hsts to the webmail via Plesk UI on Windows
3 votesThank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
--
IG
-
Count what certificates are installed on a server
Add the feature (e.g. CLI utility) to count the certificates that are currently installed on the server with displaying their types and secured components (e.g. wildcard, webmail etc.)
3 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Enable setting the default (and a custom) max-age value for HSTS in the SSL-IT! plugin
The Dutch web application guidelines (https://www.ncsc.nl/documenten/publicaties/2019/mei/01/ict-beveiligingsrichtlijnen-voor-webapplicaties) prescribe a minimun max-age of one year (max-age=31536000). The default in the SSL-IT! plugin is 6 months. There is no option for one year, but there is an option for two years.
I would like to be able to set the default value and add custom values to choose from. I would also very much appreciate to be able to set those through the CLI.
3 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
webmail subdomain is protected by Let's encrypt for domains but not for alias domains
If I have an ALIAS domain example.com, then
webmail.example.com is created, but there is no certificate for it3 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Allow the use of LetsEncrypt for default certificates
I would like to be able to use the Let's Encrypt extension to add new certs to the "list of certificates in server pool" and make use of a Let's Encrypt (LE) cert as the "default certificate" for domains that have not added their own specific certificate.
I thought this was already possible, but was incorrect. I added a LE cert on the Tools/Settings > SSL/TLS Certificates page, and made it the default certificate.
However, I used a different certificate to secure the Panel and the mail server. It appears, in that case, the LE cert will never be renewed.
…
3 votes -
I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.
I would like to be able to acquire SSL certificate of Let's Encrypt for subdomain of www.
For example
If example.com is another server, SSL certificate of www.example.com can not be acquired by Let's encrypt
I want you to be able to do it.3 votes -
Add to Plesk possibility of installing certificates from ACME-compliant services other than Let's Encrypt
In Plesk, there is a Let's Encrypt which is an ACME-compliant vendor of certificates. It would be good to have another one or the possibility to implement other ACME-compliant certificates via Plesk tools. For example JPRS: https://jprs.jp/pubcert/about/ACME/index.html
2 votesThank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH
-
Add separate notification confirming the issue was resolved if there were email about failure
Whenever an email is sent about certificates that could not be automatically renewed (asking the user to manually inspect them), if the certificate can eventually be renewed automatically, then send an email to notify of the success. Otherwise the user only knows that something is wrong, and has no idea that it’s now good again. This success email should be sent regardless whether the user already receives notifications for any certificate renewal events or similar, because by default, one would expect that an error message is always matched by a success message, if it exists.
2 votesThank you for your excellent suggestion. We will consider this functionality in upcoming releases if it becomes popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Simplify the process of uploading 3rd Party Vendor SSL certificates forcing CA part to be filled
Make easier to understand that while uploading 3rd party vendor SSL certificates the CA part needs to be filled along with the key and crt parts. Currently its not mandatory.
Consider the possibility of using the "old ca file" when a certificate is renewed and the crt and key parts are uploaded manually as a new certificate.
2 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Separate log for domain resolve problems during SSL generation
We would like having log file containing records about the issues reported during the creation of a new SSL. For example, when domains resolves to different IP, the problem is not stored in Action Log or another log file.
2 votesThank you for your suggestion. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
-- KvD
-
Assign SSL certificate from Admin repository to a domain via CLI
Assigning SSL certificates from Admin repository to a domain is possible via Plesk GUI, but not via CLI.
More information from this documentation, which doesn't state such option via CLI: https://docs.plesk.com/en-US/obsidian/cli-linux/using-command-line-utilities/certificate-ssltls-certificates.39009/
2 votes -
Add option to select which aliases will be kept secured
Currently there's only an option to keep all aliases secured. This causes endless failure notification from Plesk if one of the domains is routed through an external DNS server and can't be automatically secured.
There should be an option to select which aliases will be automatically secured upon expiry.
2 votes -
Became CA to issue SSL certificates without 3rd party integrations
You need to make CA like cPanel who own their SSL, less error and not community service.
It would be nice if Plesk became certificate authority to issue free certificates without 3rd party integrations
2 votesThis is a valid request, so we'll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features.
Thanks in advance!
--
IG
-
Separate error log for Let's Encrypt and SSLIt!
Separate error log for Let's Encrypt and SSLIt! would facilitate panel.log analysis a lot. Now panel.log is flooded with LE and SSLIt errors.
2 votesThank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
--
IG
-
Option to enable or disable automatic issue SSL certificate per domain (instead of per subscription)
Currently in Plesk a subscription can contain multiple domains. But there is no option to manage which of those domains should be automatically secured with a SSL certificate. There is only the "Keep Websites secured with free SSL/TLS certificates" option for the subscription, which affects all domains inside the subscription.
This is a suggestion to create an option to be able to manage the "Keep Websites secured with free SSL/TLS certificates" on a per domain basis.
Use case example:
When a subscription is used for hosting multiple domains, sometimes some of those domains aren't transferred yet. For example because the…2 votesThank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
--
IG
- Don't see your idea?