Currently CloudFlare ServerShield is implemented using partial (CNAME) setup. What is the point in a partial setup when you can benefit from full DNS? You get anycast DNS with CloudFlare on full DNS.

Hello,

is better if such as "wordpress toolkit" you implement this software in plesk https://www.rfxn.com/projects/linux-malware-detect/ + ClamAV (is more faster the maildect search).

With this way, anyone can scan our website from malware. And after scan, the user need to have an notify via email or directly into plesk. This inscrease the security of website and also increase the plesk security.

I use it somethimes for scan all website into our web hosting, and I found it very usefull for prevent serius problem of botnet, hacked website etc.

I hope that you can consider to implement this function.

Regards

I am sending mails from an external server, my Plesk Servers do not even have mail setup. Plesk offers the option to send notification mails (like backup errors,...) using an external SMTP server, but all mails get sent using the mail address
root@servername.domain.tld

My SMTP server does not have this mail address or even domain setup. I would like to set a custom email address for Plesk to send mails from in order to not have to set up a domain and mail address for every Plesk server.

The new security option for plesk 12 is Fail2Ban, but it is only for Linux version.

There is an opensorce for windows.

http://www.digitalruby.com/securing-...icated-server/

I suggest to Parallels Team include this.

phpPgAdmin support was dropped starting from Plesk Onyx 17.8
This means that Plesk does not have any management tool for Postgres databases shipped with it.

I suggest to include pgadmin in Plesk installation since the latest ve
rsion of this software (2018-09-06 - pgAdmin 4 v3.3 Released) has just been released, with adequate security. More info about it you can find here:
https://www.pgadmin.org/

Actually it's possible to show deferred messages headers in : Tools and settings > mail server settings > mail queue

It would be very useful if it's possible to show the reason why the message is deffered or stuck in the queue (/var/spool/postfix/defer).

Add description/comment field to trusted ip address on fail2ban

Currently docker containers are skipped by the backup manager, would be great to include them as well.

I'm not sure if any webmail option right now allows the email user to update their out of office / auto response message. I think the email user has to login to Plesk to be able to edit that right now (which is annoying).

Anyone have any suggestion on this?

Being able to modify the subject in notification emails.

It is not possible to add an ip manually to fail2ban trough Plesk interface. Sometimes you detect an offending ip address which you want to ban from your system, before it is detected by recidive rule.

We have a setup where webmail.example.com and example.com point to another server than our Plesk instance. Because of this we can't enable Let's Encrypt on Webmail since the CSR contains webmail.example.com and example.com.
So I hope you consider adding an option to only create webmail.example.com (without SAN example.com)

Currently only the certificate used to secure plesk is used for all FTPS connections.

It would be useful to be able to use other certificates for FTPS connections, specifically ones already used for other domains.

Thank you

At this moment you can change favicon.ico by replacing /usr/local/psa/admin/htdocs/favicon.ico, however it will be replaced on Plesk update.

It is also not possible to make it permanent using custom theme from Plesk branding guide.

Please make a way to customize favicon.ico on permanent basis

Please add PHP Composer to chrooted Environments.
Many Customers Need PHP Composer to install various scripts, cms Systems and libaries.

A current big Problem is the new typo-neos System - you must use Composer to install at sources correctly

A other Problem are PHP API's and Libaries like Payment Companies like PAYMILL etc..

As of now, feature with 178 votes is available in Plesk Onyx 17.9 Preview only: https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/17924536-fail2ban-now-supports-ipv6-please-upgrade

It would be awesome to have this feature available on earlier versions of Plesk Onyx without the necessity to wait until Plesk Onyx 17.9 becomes stable.

The DMARC support in Plesk Onyx 17.5.3 ist incomplete. If an incoming email is rejected due to a DMARC fail there is no mailer daemon generated to inform the sender of this email.

Please add this important feature to DMARC support. Otherwise it would not be usable for most customers.