Feature Suggestions

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Bind poppasd service to localhost only

    Currently poppassd listens on all IPs. Due to that an intruder can connect to the service via 106.
    Please implement binding of poppassd to localhost only.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Let pci_compliance_resolver --enable postfix also set FORWARD SECURITY and go dor TLSv1.3

    Even though server supports TLS 1.2, the cipher suite configuration is suboptimal. It is recommend to configure the server so that the cipher suites providing forward secrecy (ECDHE or DHE in the name, in this order of preference) and authenticated encryption (GCM or CHACHA20 in the name) are at the top. The server must also be configured to select the best-available suite!

    also there is TLSv3 https://tools.ietf.org/html/rfc8446
    (and draft is used already a long time by many;)

    http://www.postfix.org/TLS_README.html

    And while Playing on Mailserver think about MTA Strict Transport Security (Draft standard) and Email DANE / TLSA.

    THX

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Enable excluding folders on Protected Directories

    Right now it is not possible to use a protected domain on /, while using Let's Encrypt, as it also "protects" /.well-known.
    Please add a general function to add single un-protected directories.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Anonymize IP in logs instead of disabling them completely

    It would be great to have an option to anonymize IP addresses, not to disable it completely to get rid of issues with statistics displaying. For example as it is for Plesk on Linux.

    Currently, Plesk for Windows has an option to completely disable IP addresses logging In Tools & Settings > Server Settings which affects web statistics.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Remove the certificate for securing mail from Plesk

    There is no option to remove Certificate for securing mail via Plesk UI, the only option is to switch it to another.

    Please add feature to unassign the certificate.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Whitelist rkhunter warnings caused by Plesk

    rkhunter security scan will always show security warnings caused by Plesk, as per https://support.plesk.com/hc/en-us/articles/115001160954-What-Watchdog-warnings-may-be-safely-ignored

    You should whitelist these warnings by default.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Change the "secure settings preset"

    In the "Hosting Settings" menu, if the «Security» sub-menu, there is a link «If you want the provided hosting to be the most secure, apply secure settings preset.»

    When we click on "apply secure settings preset" PHP version is changed and some options on the same page are also changed.

    Where can we define the PHP version to be selected by this setting ?

    We should be allowed to change these settings in the GUI.

    Thank you

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. I would like to ban an IP address from the log view of a domain.

    It would be nice if while examining the web logs from the user or admin control panel, that you could block an IP. Possibly write an entry to the htaccess file.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. OCSP stapling for webmail in Plesk

    Add a feature to enable OSCP stapling for webmail of domains that will increase webmail security.

    This feature is already available for domains in the SSL It! extension.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Possibility to restrict Users when they login to access only emailadresses with their domainname

    In my environment (account) I have several domains. I want to restrict signed in users to only have access to the emailadresses of their domain. Now, after login, they see and have access to all emailadresses of all domains in the account.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Allow to register all let's encrypt certificates to the Plesk Administrator email

    Customer has around 2000 domains and hitting the weekly limit for the new certificates. All domains have different ACME IDs

    Customer reached Let's Encrypt support and they agreed to increase limits but require to provide "his own dedicated ACME ID". This feature is required to get such dedicated id.

    This is useful when a lot of domains were migrated to another server and it is required to secure them quickly without reaching limits.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Secure webmail with SSL automatically if it exists on example.com

    Please provide a possibility to secure webmail automatically if webmail.example.com exists in Plesk.

    This can be done by auto-selecting "Secure webmail on this domain" during a certificate creation for example.com.

    As it currently stands, end users get confused by the feature.

    The more Plesk can simplify this process for end-users, the less support will be required for my customers.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. In domain logs allow select all function in order to copy to firewall rules

    This feature requests comes from having to manually copy and paste bad IP's from the domain log files. It would be a request that when you carried out a search for say POST /xmlrpc.php HTTP/1.0 or GET /wp-login.php HTTP/1.0 from brute force hacking or malware bots you can easily just select all, then paste this over to the block list in the Firewall rules.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Allowing customers to whitelist IP address's from their control panel.

    Giving the customer the option to whitelist any IP address from their control panel.

    At the moment, if a customer wants to whitelist an IP address they cannot without server admin whitelisting the IP across the server.

    cPanel have this option with Mod Security Manager.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. User Role Permissions

    Users with permissions to edit roles can edit rights that they do not own and create roles with rights that they do not own. It would be ideal if a user who has the permissions to edit roles can only change and assign rights that he owns.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Centralized SSL Certificate Support

    I would like if you guys can add Centralized SSL Certificate Support in Plesk GUI, it would be easy to manage,
    as I had added a UNC path (\172.16.0.11\shared-certificates) in my Plesk via command line but now I cannot switch back to local path (C:\shared-certificates) as it was configured with UNC path & if I add a local path via command line, it says that the UNC path is not available even though I am using local path.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow adding additional users to a subscription with granular selection of which domain/subdomains he can manage.

    Allow adding additional users to a subscription with granular selection of which domain/subdomains he can manage.

    So that if subscription example.com contains 1.example.com 2.example.com 3example.com.
    We can select as an example only the subdomain 1 and 3

    Same for other components like databases.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Password-protected directories: LDAP / Active Directory

    Fetch users from AD for Password-protected directories

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Individual Users should have access to setup their own Session Expiry Time on Plesk

    Since Hosting providers use plesk on Shared Environments where users are forced to use the same session expiry time shared on hosting server for all shared clients. If Plesk can provide the logged in shared user to set their own Session Expiry time then it would be superb.

    Regards,
    Mody

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Export locked IP addresses from Fail2ban to a text file

    Export locked IP addresses from Fail2ban to a text file
    upload it automatically to an FTP. So you can still use the IP addresses with other services.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base