Skip to content

Feature Suggestions

← Your Ideas for Plesk

Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.

Please write in English so that voters from all over the world can read and support your request.

For technical assistance, contact Plesk support
For questions, bug reports, discussions and free assistance, check our Forum and Facebook page
For additional information, see Documentation, Knowledge Base and Blog
Follow us on Twitter for more news on Plesk development

Off-topic posts will be removed from here

I suggest you...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

30 results found

  1. include OSCP stapling directives for secured sites and panel

    See http://forum.sp.parallels.com/threads/ocsp-stapling-for-the-plesk-panel.300280/ for the panel, but would need to be added for all domains also.

    13 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    4 comments  ·  Security  ·  Admin →
    completed  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    Hi!

    The functionality is now available in the SSL It! Plesk Extension: https://ext.plesk.com/packages/3c4117f6-c05c-4d3b-9173-60f10096a9c4-sslit

    How to find it:
    1. install SSL It! Extension (it’s available for Plesk 17.8+)
    2. go to > SSL/TLS Certificates
    3. if there is no SSL Certificate installed on the domain – issue one (using, for example, free Let’s Encrypt SSL Certificate)
    4. if an SSL Certificate is installed on the domain, there is a switcher “OCSP Stapling”, turn it on
    5. Voila!

    We would appreciate hearing your feedback on the implementation of this functionality. Thanks in advance!

  2. Provide ModSecurity 3 modules for supported operating systems

    ModSecurity 3.0 was released about a year and a half ago, and the 2.x branch support seems to decline.

    In addition to that there are some features of ModSecurity 3.x, that would be nice to have:
    * Proper support for webservers other than Apache, without having to resort to an Apache-like wrapper module running within other web servers
    * Better performance due to the architecture rewrite
    * GeoIP2 databases support out-of-box (MaxMind no longer provides new Legacy-GeoIP databases, so this would be very good to have)

    Considering that newer *nix OS (Debian 10, CentOS 7 through EPEL) ship libmodsecurity-3, I…

    11 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Admin →

  3. to do an upgrade of roundcube for plesk 17 to version 1.2.3

    This week a critical security issue for roundcube has been reported: https://blog.ripstech.com/2016/roundcube-command-execution-via-email/
    This is present in all roundcube versions below 1.2.3
    Thank you very much.

    11 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  Security  ·  Admin →
    completed  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    The Roundcube was updated in Plesk Onyx 17.8.11. We suggest you to upgrade to Plesk Onyx 17.8.11 MU1 and check it out (https://docs.plesk.com/release-notes/onyx/change-log/#contents-17811-mu1).

    The Roundcube also was updated in Plesk Onyx 17.5.3 MU29 (https://docs.plesk.com/release-notes/onyx/change-log/#contents-1753-mu29) and Plesk Onyx 17.0.17 MU40 (https://docs.plesk.com/release-notes/onyx/change-log/#contents-17017-mu40).

    Let us know if you have any feedback

    — AY

  4. Passkey for Login

    As passkey is the strongest MFA, it should be implemented as an extension or directly

    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

  5. Upgrade ModSecurity IIS to 2.9.4

    Currently Plesk installs ModSecurity IIS 2.9.3, which was released on December 5 2018. On June 11 2021, ModSecurity 2.9.4 was released, it's important to stay up to date with software version releases.

    https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.4

    Please note:

    • Windows installer no longer includes OWASP CRS.
    3 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Security  ·  Admin →

  6. SMTP Smuggling - patch postfix 3.7.9-0+deb12u1 Update to postfix 3.8.3

    37C3 - SMTP Smuggling – Spoofing E-Mails Worldwide

    postfix is vulnerable

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

  7. Track who changed the Plesk Administrator password

    The idea is to know who and when changed the Plesk admin password. If it's from CLI, what user (usually root), or if it's on GUI, what IP.
    That should be noted in the action log.
    Right now it isn't.

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

  8. Add the option "Security of wp-content/uploads folder only"

    Securing the whole wp-content will break many commercial templates, while blocking script execution under the wp-content/uploads and wp-content/upgrade folder have no known side-effects.

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →

  9. Fail2Ban rules block IP's permanently

    Ip's not only temporary ban but directly permanent

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
    completed  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    This functionality was added in Plesk 18.0.63 (https://docs.plesk.com/release-notes/obsidian/change-log/#plesk-18063). We suggest you to update to Plesk 18.0.63 and check it out.

    If you have any feedback on the implementation of this feature, please let us know on the forum: https://talk.plesk.com/forums/plesk-obsidian-for-linux.748/

    Thank you!


    — AY

  10. IP Addresses in access_ssl_log with NGINX

    Bug?

    No real IP Addresses from visitors in accessssllog when Ngnix is enable.

    Only Local IP Address will logged.
    Thats bad.

    1 vote

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    0 comments  ·  Security  ·  Admin →
2 Next →
  • Don't see your idea?

Feature Suggestions

Categories

Feedback and Knowledge Base

(thinking…)