Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
142 results found
-
Enable plesk parallels firewall log (logdrop)
Enable logdrop policy, so you can log incoming traffic on ports.
This log information is useful to install an honeypot with fail2ban.2 votesThank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
implement tools to combat spam when sent from scripts hosted on domains.
We would like customers to manage their domains themselves but limit them to a list of domains defined by the reseller/admin.
It would be great if a customer could e.g. define himself which domain (alias) should belong to which hosting package.
The problem at the moment is: If we give customer A the privileges to manage his domains, he could also add a foreign domain (NOT on the server) and configure mail accounts, e.g. *@ebay.com. The result would be that any mail another customer B who also uses our server sends to this domain could be "captured" by customer A.…
2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Add a specific permission/role property for file sharing
For now there is an "Upload and manage files" permission which includes access to sections Files and File Sharing. It would be great if I could allow some users to access only File Sharing section.
2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
to make it easier to find the security administration tool for my websites.
In "Websites and Domains" I find my registered websites with my directories. In the bottom of each such description part I find a really tiny button to press for the additional functions, among them "websites sichern" (German; might be something like "Giving Security to Websites" or -directories).
I wold like to find the administration tool easier, meaning on the main desk top: After activating one of my sites a click on a (new!) button "Security" in the top icon line should solve my problem.Thanks for careing.
Gregor2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Traceroute (with map)
A traceroute option right from the panel would be nice, even nicer with visualisation on a map, like for example on http://www.yougetsignal.com/tools/visual-tracert/
2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Add WAF Webmail Exclude Rules tab
We could do with having an extra tab in WAF to disable rules on the webmail domain.
I have added the mod_security directives to my horde and roundcube templates as heavy use causes Permission Denied while using Horde and WAF with COMODO rule set.
Rules causing the issue appear to be
SecRuleRemoveById 230000 230007
on webmail.domain.tld and eas.domain.tld.
Kind regards
Lloyd
2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
allow to add hostname/dynamic IP´s in firewallrules
allow to add hostnames and dynamic IP´s in firewallrules
allow to set IP range2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Firewall rules with IP Fields... It's Basic
See Windows server 2008 Firewall to see examples to separate in and ougoing trafic.
And I'm agree to others posts to import rules about blacklists from specialized sites2 votesUnfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
—
IG -
Update the security options to best practice for domains page
Tiny things, should be easily implemented:
1) For HSTS the recommended settings are
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Otherwise if you add it elsewhere (the server headers page) you have to turn this off or get two headers implemented, and you do not get the full security rating on that security page and looks like something is missing (plus inconvenient if you do not know what to do).
2) OCSP stapling is something no longer recommended, and probably should be removed. Perhaps this could be replaced with automatic setup of the DS and CAA records (especially given the range of providers…
1 voteWe regret to inform you that since no additional details were provider for over a month and we still have no clear idea of the user benefits over the existing option we are closing the request.
-- SH
-
Implement OpenApp Sec in Web Application Firewall
Implement open app sec, as plesk customize the nginx package:
https://www.openappsec.io/playground
https://github.com/openappsec/openappsecIt would be good if is possible to use under plesk because it is a good tool, open source and free, and probably better than comodo/owasp rules.
1 voteSorry, we are closing the request as it didn't get enough votes within the last nine months.
--AA
-
Please tell me how to activate "xmlrpc". I'm curious how you do it What I want is activation and deactivation.(Xmlrpc-enable /disable) Coul
vultr (plesk)Please tell me how to activate "xmlrpc". I'm curious how you do it
What I want is activation and deactivation.(Xmlrpc-enable /disable)
Could you please create an xmlrpc function like other hosting companies?1 voteFor support questions please turn to either our community of reknowned expert users https://talk.plesk.com or Plesk ticket support https://support.plesk.com.
-- PD
-
Add support for Heimdal Agent
Add official support to Heimdal Agent (https://heimdalsecurity.com/) for Plesk on Linux servers, including ARM architecture servers.
1 voteWe regret to inform you that we are closing this request as no feedback was provider for quite a while.
-- SH
-
Different SSL protocols for domains
Currently, Apache in Plesk can have only one set of SSL/TLS protocols (SSLProtocol defined in /etc/httpd/conf.d/ssl.conf).
In theory, it is possible to have different SSL/TLS protocols for each vhost if they are listening on different IP addresses.
Add this feature in Plesk to be able to define different set of SSL/TLS protocols for different vhosts.1 voteNo example/business case has been provided why different domains need different SSL/TLS versions. As this request only got 1 vote it does not seem to be popular either. We must decline it.
-
Plesk Fire Wall to upload faster, and allow incremental changes
Plesk FW when having lots of rules, is SUPER SLOW, because the rules are handled by a bash script, whereas compiled executables which ia a lot faster, is not used. This is asked to be changed.
Also, please make sure the Fire Wall script does not call a DNS query for the host of each IP, as mentioned here:
https://serverfault.com/questions/85602/iptables-l-pretty-slow-is-this-normalAlso, as fail2ban may add a CIDR ip as x.x.x.x/12 within a blink of an eye, I am asking for Plesk to implement such incremental change ability on the Plesk Fire Wall As well
fail2ban-client -vvv set nginx_errors banip x.x.x.x/12
1 voteThank you for your feedback. Unfortunately, this request contains several different suggestions, and it's not technically possible to properly handle them inside one request. Please consider creating separate feature requests for each of the items.
--
IG
-
Implement logic for DDOS protected domains
As a hosting company we should have an option to give customers ddos protection.
The only implementation that works great is taking a domain, secure it with ddos protection service and generate customers a subdomain under this domain.
Lets say, example.com is protected under ddos protection software.
A customer clicks on "add domain" and if we blocked the option to add any domains, there will be only generated a subdomain under example.com, EG: website1223153.example.comThis subdomain would be protected by a ddos protection service.
The customer can create a CNAME to website1223153.example.com in order to connect his domain to the…1 voteEffective DDoS protection can only be done by hardware solutions that are installed between Internet and server. Traffic directed to the server must be analyzed, and in case of DDoS it must be blocked before it reaches the server, because bandwith of NICs and CPU power will always be too small to cope with attacks. Once an attack reaches the server it is "too late". For that reason we suggest speaking with your data center instead if they can provide a suitable router before your server or maybe you can check a well-known cloud service through which traffic to the host and domains hosted on that host is routed.
-- PD
-
NS in the firewall
About the firewall, access can currently be allowed from manually added IP addresses. I think it would be a good idea to be able to add nameservers to allow FTP and SSH access from places where the IP changes periodically.
1 voteThe requested function will require name resolution on every incoming packet. This will result in extreme slowing of the server. As this request did not gain popularity either, we must decline it.
-- PD
-
Add a possibility to enable debug for iptables using Kernel TRACE
It would be great to have an ability to enable dubugging as describe here: https://serverfault.com/questions/122157/debugger-for-iptables/126079#126079 using Plesk Firewall
1 voteIt seems that demand for this feature is low. It is something very specific for users who are familiar with the Linux console and iptables already, hence will be able to get the required output on the Linux console, too. As this request did not become popular we must decline it.
-
Add a security mechanism when changing a user password
Add a security mechanism for resetting a user password in Plesk, for example verify the password change via email or add a field to submit the old password (implemented for Plesk admin user)
1 voteWe regret to inform you that we had to close your suggestion as it did not receive any votes over the course of three years. Thank you for your attempt to help making Plesk better.
-- SH
-
Automate Abuse Reports to ASNs, from Plesk run Logs, According to pre-defined Scenarios, and Excluding White Listed IPs
Hi,
After blocking full CIDR ranges for small to medium ISPs hackers used to attack our server, I manually block huge ranges of CIDR IPs of the big tech companies. This ISPs have so many IPs that FireWall might not be able to technically block.
I find it important, that big hosts would sweat, for hosting such hackers, and possibly not blocking them efficiently, mainly blocking payment methods they use.
Thus, I would very much would like lots of users to have an automatic tools enabling automatic Abuse reports (usign email or pre analyzed report forms), for pre-defined rules-set (i.e.,…
1 voteUpd: Sorry, we are closing the request as no information was provided for over a month.
—
IG -
Make Security NOT an Option (part of base price - just increase it a bit!)
It saves everyone time and frees your technicians up for doing real work - plus you are better stewards of the Internet.
1 voteUpd: Sorry, we are closing the request as no information was provided for over a month.
—
IG
- Don't see your idea?