Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
142 results found
-
Backport Fail2Ban IPv6 Support to Plesk Onyx 17.x
As of now, the feature with 178 votes is available in Plesk Onyx 17.9 Preview only: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/17924536-fail2ban-now-supports-ipv6-please-upgrade
It would be awesome to have this feature available on earlier versions of Plesk Onyx without the necessity to wait until Plesk Onyx 17.9 becomes stable.
94 votes
Plesk Onyx was end of life in April 2021. IPv6 support for Fail2Ban is available in all current and supported Plesk versions.
-
steering allowed SSLCiphers (negative >noCBC; positive >only GCM) for all System-layers (mail, Plesk-Login, Apache, Nginx) via Plesk
Optimizing the Quality of SSL-/TLS-Encryption at Plesk-driven Servers is very complicated...
... while the importance of a high-level encryption - not only since Edward Snowden - is of considerable importance.
please investigate:
and
http://www.kuketz-blog.de/nsa-abhoersichere-ssl-verschluesselung-fuer-apache-und-nginx/ (best article / only available in German)
Please implement the possibility for defining/steering not/allowed Ciphers and not/allowed SSL-protocols directly via PleskPanel.
This function should include ALL System-layers like: mail, webmail, Plesk-Login, SSH, PHP- or JAVA-Apps/Tomcat, Apache, Nginx, ...
THANK YOU VERY MUCH
30 votes
Over the course of nine years this feature request has only received a handful of votes - although we had merged it with a similar request to get the full number of votes for both. We basically understand the need for top level security, but this feature seems not to be popular among users.
Even the rather extreme kuketz-blog article says: "The technology for protection against spying is available – but hardly anyone uses it." which is another indication that hardly anyone is interested in specific configurations that harden servers to the extent where powerful players have difficulties reading traffic.
Plesk allows using a "perfect security" configuration, but it seems that only very few individuals are actually interested in it and understand why this can make sense in some cases. As a responsible administrator who wants to provide perfect security to users you can implement it into your server along…
-
Adding google recaptcha to plesk login area, or any captcha validation
Adding google recaptcha to plesk login area, or any captcha validation
23 votes
We are not sure why solving a captcha can be a better solution than the existing solution of a Fail2Ban jail monitoring login attempts. After all, with a captcha, users are forced to fulfill an extra step, do extra input and clicks just to login. It would make the login process more difficult for them and slow the process down while at the same time it does not provide any extra security. Moreover, many captcha solutions have violated EU GDPR. Also, with a captcha, this will not prevent bots from hammering the server with requests, hence causing unnecessary cpu load.
Instead, Plesk has a very secure and effective solution to block bots from testing passwords: Please use the existing "plesk-panel" Fail2Ban jail (Tools & Settings > IP Address Banning).
-- PD
-
mod_evasive in Plesk
Add mod evasive as module for Plesk
22 votes
You can enable the EPEL yum repository and install and configure mod_evasive for your Apache. But in the latest Plesk Onyx versions it’s better and more effective to use the ModSecurity Plesk feature for protecting against attacks.
— IG
-
Prevent decryption of passwords for customers/mail users/...
At the moment, user/customer/... passwords are stored in the database in a way that they can still be decrypted using the server's private key (see for instance http://serverfault.com/questions/425116/possible-to-get-cleartext-password). This is for instance used by the program mailauthview. Thus, once somebody knows the key and has access to the database, (s)he can decrypt all passwords.
I would like to prevent the ability of decrypting passwords at all. Since many people use the same passwords across different accounts, I'd like to prevent the risk that user passwords unintentionally could get revealed if somebody gets access to the server.
11 votes
Thank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
— IG
-
opcache memory per vhost instead of shared
Currently Opcache is written in shared memory; it should be stored in the user's home folder. One client can see all the scripts stored from all the sites hosted on the server.
9 votes
Thank you for your input!
Unfortunately, we have to close your request because it has not become quite popular for further implementation over the years.
— IG
-
More advanced anti-ddos interface and settings
This (https://support.plesk.com/hc/en-us/articles/115000784914-What-DDoS-protection-tools-are-available-in-Plesk) recently updated article shows that we still need paid extensions to better protect our servers against ddos attacks.
It would be great if Plesk would create a more advanced anti-ddos monitoring tool with a useful interface, alerts, and the right amount of settings to better protect our servers from ddos attacks without the need to install a third party extension with additional costs. Preferably created with "good defaults" in mind.
8 votes
We regret to inform you that we are closing this request as no feedback was provided for quite a while.
-- SH
-
Add the option to forbid execution of files in Plesk for Windows
In Plesk for Windows, add options to forbid executing .exe, .bat and other executable files in order to prevent starting of malicious scripts.
It should be added to domain and server-wide levels.
6 votes
No further information was provided on where in Plesk for Windows one can directly execute files, nor on where .exe, .bat, .com should be blocked. We must decline this request.
-- PD
-
Don't show version on the login mask.
I recommend not showing any information about the version of Plesk or other software before the user has logged in.
6 votes
This feature request has only received very few votes over the course of 7 years. Also, there is no urgent technical requirement for it as the previous statement by Plesk mentioned:
-----
You wouldn't need to worry too much on version exposure: 1) should there be any vulnerability discovered, we will fix it for each and every supported version. Just stay up2date 2) hiding version gives only false sense of security - attacker can still apply all known vulnerabilities disregarding your actual version. There were just few vulnerabilities about Plesk and it is easy to run them all (though it won't give an impact as all of them are addressed already). It is even easier than capturing a version from a file. If you remain heavily concerned, we can recommend applying Two-Factor authentication via Clef or Google Auth extensions at http://ext.plesk.com or maybe restricting Plesk control panel access to certain…
-
Allowing customers to whitelist IP addresses from their control panel.
Giving the customer the option to whitelist any IP address from their control panel.
At the moment, if a customer wants to whitelist an IP address they cannot without server admin whitelisting the IP across the server.
cPanel have this option with Mod Security Manager.
5 votes
Allowing endusers to allowlist themselves can result in significant security risks. For example, malicious users could use this tactic to drive brute-force attacks against the server or other users on the same server which cannot be noticed when that malicious user has whitelisted his own IP.
No arguments have been given why it is not a risk to allow endusers to allowlist themselves. We must decline this request.
-- PD
-
Add the possibility to protect Plesk panel with Web Application Firewall (ModSecurity)
Plesk should provide a way to secure the Plesk administration panel with the Web Application Firewall (ModSecurity).
Currently, when Plesk is accessed via 8443, Apache is not handling any request. However, when Plesk is accessed via port 443, Nginx is working as a proxy.
This setup should be changed, Apache should work as a proxy to be able to filter the HTTP request with ModSecurity, adding an additional security layer.
5 votes
We do not see how this feature could improve Plesk security. All Plesk panel functions are behind a login, and the login can effectively be protected with the existing Fail2Ban jail. Also, this request only received very few votes through many years. We must decline it.
-- PD
-
nftables support (firewall)
Since 2014, with Linux kernel 3.13 and later, a new system for providing filtering and classification of network packets, datagrams and frames was introduced: nftables
It is stateful and more modular than iptables and does support IPv6.
As there are already packages for Archlinux or RHEL and so for CentOS and you can install on your own (of course), it would be great if in an upcoming (major) release iptables is replaced by nftables. Or a switch is implemented to use either the one or the other.
More information on:
https://wiki.nftables.org
http://netfilter.org/projects/nftables/
https://wiki.archlinux.org/index.php/nftables
5 votes
Thank you for your input!
Unfortunately, we have to close your request because it has not become quite popular for further implementation over the years.
— IG
-
fail2ban notification
Make Fail2Ban send notifications when the server is under attack
4 votes
Upd: Sorry, we are closing the request as no information was provided for over a month.
— IG
-
A feature that enables storing logs, compliant and non-compliant with GDPR, in Windows.
The idea is to have non-compliant GDPR logs so debugging can be done and compliant GDPR logs that don't contain IPs for example.
4 votes
It’s pointless. Once we have non-compliant GDPR logs, it makes no sense to have compliant GDPR logs.
— IG
-
Manage all Firewall rules via Plesk GUI on Plesk for Windows
Ability to manage all Firewall rules via Plesk GUI on Plesk for Windows
4 votes
Upd: Sorry, we are closing the request as no information was provided for over a month.
— IG
-
Extend Fail2Ban rules for Wordpress xmlrpc.php
Extend the Fail2Ban Rules for Wordpress xmlrpc.php, because of many bruteforce attacks on this.
4 votes
We have recommendations regarding this issue: https://support.plesk.com/hc/en-us/articles/115002643313-WordPress-site-is-slow-Lots-of-log-entries-POST-xmlrpc-php-HTTP-1-0-499
So, you can always create your own necessary Fail2Ban rule.
— IG
-
Filter POST and PUT requests, but keep GET available
It is needed to block PUT and POST requests from specific country, but keep GET available. For example, I do not want China to send POST and PUT to my server, but they are free to send GET in order to receive website's content.
4 votes
This feature request did not become popular over many years. We must decline it. It is also very specific and maybe directed in fighting malicious traffic? Instead, we suggest using https://httpd.apache.org/docs/2.2/mod/mod_ext_filter.html to filter requests. We're also working on GeoIP protection which will cover most use cases.
-- PD
-
Anonymize current log files, not only rotated ones.
Implement anonymization for current log files, not only for rotated ones on Linux.
4 votes
Sorry, but it is impossible because different important Plesk features, like Fail2ban, for instance, can work only with active logs.
— IG
-
Implement client SSL certificates for authentication into mail
There is an option in Outlook, mail.app and other clients "authenticate using certificate". However, Plesk does not allow using this client-based method of authentication.
4 votes
Thank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
— IG
-
to make an extension for administrative purposes adding IPs in the Firewalling option
My list of IPs is growing, I like to have an option to write down these entries, for example.
IP A belongs to company a
IP B belongs to company b
IP C belongs to person a
4 votes
Thank you for your input!
Unfortunately, we have to close your request, because over the years it has not become quite popular for further implementation.
— IG