Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
129 results found
-
Add support to Atomicorp rulesets for ModSecurity 3.0 (nginx)
At the moment you can only choose the OWASP ruleset in the Plesk UI for ModSecurity 3 (nginx). Please add support to Atomicorp rulesets as well.
2 votesThank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
--
IG
-
Add Plesk password generate button to the Create user for the protected directory form
Add a Plesk password generate button that matches with the server password policy level in the Create user for the protected directory form
2 votesThank you for your input! We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Disable "Show password" buttons
An option to disable "show password" buttons would be a nice addition to the security policy.
2 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
In banned IP of (Fail2Ban) add the name of subscription where the violating IP was found
In banned IP of (Fail2Ban) add the name of subscription have the infection
2 votesThank you for your feature request. We will consider the possibility of its implementation if it becomes sufficiently popular and in demand.
—
IG -
Disable/Enable access to plesk web interface
I want stop plesk web interface without side effects for the services. I only mean the access as client in the browser. I'm thinking about disabling the web interface via the shell to avoid the many login attempts, to increase security and if you need the web interface yourself, you can temporarily enable it via the shell.
or
Here is already a feature "Restricting Administrative Access" per ip address. https://docs.plesk.com/en-US/obsidian/administrator-guide/plesk-administration/securing-plesk/restricting-administrative-access.59465/ Nice, but most of us have a dynamic ip address. So it would be nice if you could set the allowed IP(s) via the shell and delete old invalid IPs…
2 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Preset "webmail" and other checkboxes upon SSL certificate creation or reissuing as "checked"
Please provide a possibility to secure webmail automatically if webmail.example.com exists in Plesk.
This can be done by auto-selecting "Secure webmail on this domain" during a certificate creation for example.com.
As it currently stands, end users get confused by the feature.
The more Plesk can simplify this process for end-users, the less support will be required for my customers.
2 votesThank you for your input. We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Centralized SSL Certificate Support
I would like if you guys can add Centralized SSL Certificate Support in Plesk GUI, it would be easy to manage,
as I had added a UNC path (\172.16.0.11\shared-certificates) in my Plesk via command line but now I cannot switch back to local path (C:\shared-certificates) as it was configured with UNC path & if I add a local path via command line, it says that the UNC path is not available even though I am using local path.2 votesThank you for your input! We will consider this functionality in upcoming releases if it will be popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Have a "call-in PIN" (support phone password) field in each user account
I think a call in pin would be nice. Something that the user can change, but it is kept hidden unless they are logged in and click on it to see it. This will allow for end users to request help securely.
2 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Automatic/option for hiding of Plesk, PHP, Apache, Nginx, Wordpress, Drupal, etc. 'reveals'
It would be so useful to accommodate one hardening feature, and that would be to switch on/off the server reveal options for Nginx/Apache (Lightspeed, whatever), the expose_php attribute for the version number in PHP (and equivalent in Perl, etc.), the Wordpress/Drupal (and Joomla, etc.), reveal of their presence and version numbers. See this article for the cybersecurity relevance of that (there's a lot more on the 'securityheaders.com' website and free checkers for all of this there too), but I pick this as an illustration of what I'm referring to with php:
https://serverhealers.com/blog/hide-php-version-x-powered
All of these things are simple, and just…
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
Here I'd like to add, though, that in the real world attackers simply test a website against all known vulnerabilities, regardless what webserver, PHP or other software version they detect. Actually, such version information are of no interest, they simply drive tests against all known flaws. So adding the feature will probably not help against hacking attempts.
-- PD
-
add sshd to services list for restart or enabling on demand
Sometimes it's usefuil to be able to restart the sshd service, especially if the service is not reachable anymore. For increased security it could also be usefull to enable sshd only if needed other the panel.
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Fail2Ban option to apply custom firewall rule to banned IPs
It would be great to have an option in Fail2ban to send the blocked IPs directly to a Custom Firewall Block Rule, to block these IPs permanently.
1 vote -
Additional Account Authentication via Email
This is a request for the implementation of an optional extra layer of authentication via email for customers and resellers who want to login to a Plesk server. Which would improve security by making it much less effective/useful for customers to share their login details with others.
Although similar in concept to 2FA, this is different than the already available 2FA extension as "email account authentication" poses way less of a barrier to non tech savvy users as no additional apps or devices are needed for authentication. Just email.
Ideally it would work something like this: a server administrator could enable "email account authentication" so…
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
There are some similar requests hat you might also want to vote for:
-- PD
-
Harden Your PHP for Better Security
We should all consider PHP security, giving us the option to Harden our PHP through the GUI or add an optimizer that does it automatically by scanning the websites.
1 voteThank you for your idea. Please add, what hardening needs to be done specificially. Also, what optimizer you have in mind that can scan websites, what that software should look for in websites and what is expected as a result of such a scan. Do you have examples?
-- PD
-
Add support for Heimdal Agent
Add official support to Heimdal Agent (https://heimdalsecurity.com/) for Plesk on Linux servers, including ARM architecture servers.
1 voteIt seems that Heimdal Agent is a client component of their offer that collects data from a server or interacts with the server. Nothing speaks against installing that on a Plesk maintained server. "Support for Heimdal Agent" probably means that it can be installed as an extension or from a software catalog like APS catalog?
-- PD
-
DKIM Weekly Rotation of key, with new 'selector' where previous selector is removed the next week
As in:
https://proton.me/blog/dkim-replay-attack-breakdownRotating DKIM is highly important.
Currently, it' **** easy to rotate the DKIM key on Plesk, not to talk of updating DNS and running Route 53 update.
This is asked to be implmented, where a second key is added, and new mails use it.
Old key would be depreciated a week later, as previous emails are still in the progress.
Rotate your DKIM keys regularly – Rotating our DKIM keys allowed us to quickly stop the attack and buy time for the permanent solution. Although tedious and risky to do manually, Proton’s DKIM key management system(new window)…
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Oversign Emails' DKIM From, To, and CC headers
As in:
https://proton.me/blog/dkim-replay-attack-breakdownOversign From, To, and CC headers – Most DKIM implementations always sign the From, To, and CC headers if they are present in an email, preventing them from being modified if the message is resent. However, if these headers are missing, they are often unsigned, opening the door to replay attacks with forged headers that make the fraudulent emails seem legitimate. Oversigning mitigates these attacks by signing these sensitive headers in all cases, even if they are blank. If you use Proton to send your email, this oversigning is done for you automatically by our mail servers.
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Ability to disable aum automatic updates in mod security and apply it manually
Provide the ability to disable aum
automatic updates in mod security and apply it manually1 vote -
Plesk Admin Login - Enable IP Address Locking. In other words, like a firewall, specify the IP address source
Plesk Admin Login - Enable IP Address Locking. In other words, like a firewall, specify the IP address source.
This simply eliminates concerns about password hacking as a Dedicated IP (source location) can be specified just like Remote Desktop.
1 voteThank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
-- PD
-
Improve Plesk Country Firewall Usability
Plesk Country Firewall
1) Add a check for duplicate country abbreviations on save.
2) (x) add checkbox to sort alphabetically
3) Add a drop down to select the country. Currently you have to look up the country 2 digit code. So add a drop down to select country then add the 2 digit abbreviation.1 voteMost ISO codes of rogue nations are well known. We think that changes to geo IP blocking are rarely needed. To keep development costs reasonably low, perfect comfort for rarely used features is not a priority. In a server's lifetime it may occur twice that this is changed, so we wonder how often this feature is used in your daily routine that the added comfort is required? Please comment how you determine the countries to be blocked and why you change countries often so that we understand your routine better and can provide a better product while trying to keep license prices low.
-
Block IP address ranges of cloud services (AWS, Google, DigitalOcean)
Be able to block IP address ranges of cloud services (e.g. AWS, Google, DigitalOcean) via Plesk Firewall to avoid junk traffic and hacking attempts.
At the moment, it is only possible to block IP addresses by countries1 vote
- Don't see your idea?