Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support for HTTP Strict Transport Security / HSTS

    I'm wondering if Plesk also will implent HTTP Strict Transport (or HSTS) Security in the GUI. It's an extra layer of security for sites who need to be extra secure.

    It's being done with a special header (mod_headers for Apache) and a TLS connection. The client (browser) can then verify if the server is the real server and not a man-in-the-middle server/attack.

    It's as simple as adding the following code to the vhost config (HTTPS only!):

    Apache:
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

    Nginx:
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

    445 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    35 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

    Hi!

    The functionality is now available in the SSL It! Plesk Extension: https://ext.plesk.com/packages/3c4117f6-c05c-4d3b-9173-60f10096a9c4-sslit

    How to find it:
    1. install SSL It! Extension (it’s available for Plesk 17.8+)
    2. go to > SSL/TLS Certificates
    3. if there is no SSL Certificate installed on the domain – issue one (using, for example, free Let’s Encrypt SSL Certificate)
    4. if an SSL Certificate is installed on the domain, there is a switcher HSTS, turn it on
    5. Voila!

    We would appreciate hearing your feedback on the implementation of this functionality. Thanks in advance!

  2. Assign separate SSL certificates for multiple mail servers

    Allow the ability to assign separate SSL certificates for multiple mail servers.

    212 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    55 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

    Available since Plesk Obsidian RC3. Windows: modern version of MailEnable required (shipped with Plesk), Linux: modern versions of Postfix (shipped with Plesk) and Dovecot (shipped by most OS vendors) required.

    Please read the docs: https://docs.plesk.com/en-US/obsidian/customer-guide/websites-and-domains/securing-connections-with-ssltls-certificates/protecting-webmail-and-mail-with-ssltls-certificates.76531/

    — rk

  3. Implement renewal of Let's Encrypt wildcard certificates

    Please implement renewal of Let's Encrypt wildcard certificates through Plesk or command line.

    69 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
  4. Wildcard for Let´s Encrypt

    Let´s Encrypt already support wildcards, could you implement it to PLESK asap?

    46 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
  5. Plesk Let's Encrypt and support for ECDSA certificates

    As you probably know, Let's Encrypt supports ECDSA certificates. Shorter handshake time, fewer data to transfer, faster page load time in the result.

    I suggest Plesk feature - add option choose between RSA and ECDSA certificate when signing with Let's Encrypt.

    Best regards, Mike

    24 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

    2.7.2 (17 January 2019)
    • [*] In Plesk for Linux 17.8 and later, the extension now supports issuing ECDSA certificates. To have the extension issue certificates signed with ECDSA, add the following lines to the panel.ini file:

    [ext-letsencrypt]
    key-algorithm = ECDSA
    ecdsa-curve-name = prime256v1 ; can be omitted

    If you have any feedback let’s discuss it on our forum: https://talk.plesk.com/threads/lets-encrypt-extension.336954/

  6. Add ECC CSR support

    Now Plesk uses RSA encryption method, but we would like to use ECC CSR support as it's considered more modern.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

    We’ve released Let’s Encrypt Extension 2.7.2: https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt

    2.7.2 (17 January 2019)
    • [*] In Plesk for Linux 17.8 and later, the extension now supports issuing ECDSA certificates. To have the extension issue certificates signed with ECDSA, add the following lines to the panel.ini file:
    [ext-letsencrypt]
    key-algorithm = ECDSA
    ecdsa-curve-name = prime256v1 ; can be omitted

    IG

  • Don't see your idea?

Feedback and Knowledge Base