Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
142 results found
-
Allow to add trusted IPs to specific Jails
Allow to set a trusted IP over the GUI and CLI to specific jails same as allowed by fail2ban client:
# fail2ban-client --help | grep -A1 ignoreip
set <JAIL> addignoreip <IP> adds <IP> to the ignore list of <JAIL>
set <JAIL> delignoreip <IP> removes <IP> from the ignore list of <JAIL>
get <JAIL> ignoreip gets the list of ignored IP addresses for <JAIL>2 votesUpd: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
In domain logs allow select all function in order to copy to firewall rules
This feature requests comes from having to manually copy and paste bad IP's from the domain log files. It would be a request that when you carried out a search for say POST /xmlrpc.php HTTP/1.0 or GET /wp-login.php HTTP/1.0 from brute force hacking or malware bots you can easily just select all, then paste this over to the block list in the Firewall rules.
2 votesThis request only received 2 votes during 3 years. It did not become popular. It may also not be the best possible choice to block individual IPs like suggested as attackers frequently change IPs which will easily result in hundreds or thousands of blocked IPs in the firewall. That again will slow down network traffic. Instead we suggest to use Fail2Ban that comes with Plesk to automatically block attacker IPs. Fail2Ban has the capability to analyze log files automatically, to identify trouble sources and to ban these IPs for a pre-defined duration.
-- PD
-
independent passwords for database and user interface
To allow Plesk to have an independent admin user password for database, which won't be the same as the graphical user interface.
2 votesThis feature request has been reviewed. We came to the conclusion that currently there are no plans to update this part of the software. For specific requirements it is possible to add additional user(s) to the database that have privileges that allow full access to all or limited access to a specific instruction set. There are no limitations on this procedure so external access such as monitoring can be achieved by this simple workaround. Please consider this workaround if you require access to the database.
-- PD
-
The possibility to manage Fail2Ban jails via CLI
Currently, ip_ban utility does not allow to manage jails, for example, RECIDIVE jail.
It is possible only via GUI
2 votesThank you for your input!
Unfortunately, we have to close your request because it has not become quite popular for further implementation over the years.
—
IG -
Bind poppasd service to localhost only
Currently poppassd listens on all IPs. Due to that an intruder can connect to the service via 106.
Please implement binding of poppassd to localhost only.2 votesThank you for your input!
Unfortunately, we have to close your request because it has not become quite popular for further implementation over the years.
—
IG -
Enable excluding folders on Protected Directories
Right now it is not possible to use a protected domain on /, while using Let's Encrypt, as it also "protects" /.well-known.
Please add a general function to add single un-protected directories.2 votesThank you for your input!
Unfortunately, we have to close your request because it has not become quite popular for further implementation over the years.
—
IG -
2 votes
UPD: Sorry, we are closing the request as no information were provided for over a month.
—
IG -
Change the "secure settings preset"
In the "Hosting Settings" menu, if the «Security» sub-menu, there is a link «If you want the provided hosting to be the most secure, apply secure settings preset.»
When we click on "apply secure settings preset" PHP version is changed and some options on the same page are also changed.
Where can we define the PHP version to be selected by this setting ?
We should be allowed to change these settings in the GUI.
Thank you
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
FTP, sFTP and SSH access with console
Add a BackEnd and FrontEnd editor for usage and create FTP, sFTP and SSH access with console integrated like cPanels but on Onyx Plesk
2 votesThank you for your input!
Could you please explain your request in more detail? Do you want to access to (S)FTP/SSH from web-interface?
— AY
Upd: Sorry, we are closing the request as no information were provided for over a month.
-
2 votes
Thank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Enable subscription system user handle modsecurity
Give system user permissions to handle modsecurity
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Add support for pam_shield
I know we have support for fail2ban. But fail2ban works reading the logs. A better tool for protecting the ssh console and others it's to use pam_shield module, with works directly when the "hacker" it's directly trying to guess the password of a system user.
It's configuration it's very easy, only /etc/security/shield.conf file.
It uses less resources to protect the services than fail2ban.
Regards,
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
I would like to ban an IP address from the log view of a domain.
It would be nice if while examining the web logs from the user or admin control panel, that you could block an IP. Possibly write an entry to the htaccess file.
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Make Plesk more robust when concurrent operations were made
In many cases, iftwo admins are doing operations on the Plesk GUI at the same time, issues arises.
For example, if you switch the IP for outgoing mail while you're restoring a domain backup, such domain will change their IP automatically to a wrong one, and the whole domain stops working.
For your reference, see my ticket #2043269
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
fwsnort
fwsnort translates SNORT rules into iptables rules
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
remove wildcard SUBdomain in plesk ubuntu
cloud flare showing original ip of sub-domain or if you type anything like asdlasd.domain.com of non-existing domain.
I have a domain, when you open my domain it redirects to https:// and hide my server ip which is fine but when you type anything like alsdkalsdsda.domain.com it does not redirect to https:// and the MAIN problem when search for my domain original ip, you can find it by just typing anything of subdomain. (rtwrwrwerwq.domain.com)
find ip address of any domain > https://www.site24x7.com/find-ip-address-of-web-site.html
I do not want to redirect just want to remove it
any solution
Thanks in advance
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Hi, i am missing a simple cloud server app for secure sharing data with Friends like a simple DropBox with Password protect
Hi, i am missing a simple cloud server app for secure sharing data with Friends like a simple DropBox with Password protect
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
eMails to control protected directories? Registered users/pass:When/from where do they log in?Disclosure my work?
I have organized registered users/pass: I would like to know, when/from where they log in?
'It´s important to know, if theydisclosure my work unauthorized !2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Manage Additional Administrator Accounts via XML API
It would be useful to be able to manage Additional Administrator Accounts via the XML API. That way we can keep passwords synchronised with our central database and disable accounts automatically.
2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Required restriction executable files, While Upload files in Plesk File Manager
Hi,
Required restriction ( .exe, .dat, .rar, unsecured file and other executable file ) While Upload files in Plesk File Manager
2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG
- Don't see your idea?