as brotli seams to be a up to 20% better comression library than gzip and used by many CDN Providers it should be possible to switch on in plesk.

It is not possible to add an ip manually to fail2ban trough Plesk interface. Sometimes you detect an offending ip address which you want to ban from your system, before it is detected by recidive rule.

Add description/comment field to trusted ip address on fail2ban

A carddav and caldav Server

Add support of TLS 1.3 to Plesk interface's web server. TLS 1.3. improves security.

Have the ability to provide more Nginx builds/packages. For example, offer a 'nginx-full'-package with more modules.

For example, I need the Nginx headers more module. Since this need to be built-in at compile time, it isn't possible to add this later on. So that would mean replace the Plesk version of Nginx with the distro-default. (Heck, why does Plesk need it's own Nginx-build, anyway?)

No, passing headers from Apache is not an option, especially when I'm using the Nginx - PHP-FPM setup.

It would be great to have ftp account with an expire date.
A sort of temporary ftp accounts.

This becomes really usefull when you need to share your ftp details temporary with a webdeveloper, or somebody else to maintain of check an website.

I always make a new FTP account for this sort of events, but then forget to delete them. It would be real nice if you could set a expire date that the account automaticly blocks itself after that date is past.

Ability to renew a subscription based on the subscription plan's configured subscription expiry date.

So if a subscription expires in ten days from now and it's subscription plan is set to expire in one year, I would like to be able to click a Renew button to extend the subscription with one more expiry unit (1 year in this case, 2 years if the subscription plan would have been set to expire every two years).

Also show renewal date in the list and sort by renewal date

This would allow you to see mailboxes that are no longer in use.

Many times I find that some subscriptions won't sync because they are locked. I'd really like to know why they are locked. So far, I've been able to unlock & sync with no noticeable changes. But I'm left wondering what caused the lock in the first place. And I'm afraid that I'll realize later something no longer works as expected.

I would like to administrate multiple Docker container via Compose, editable over the Admin panel. Some easy deploying mechanism including the Volumes of the container from my local machine over upload or git would be nice.

Please compile nginx with these extra options to provide even faster time-to-first-byte responses on modern kernels:

./configure ... --with-cc-opt='-DTCP_FASTOPEN=23'

Background information and complete guide: https://www.masv.io/enabling-tcp-fast-open-nginx-centos-7/

The implementation of the centralized smartermail in plesk onyx for windows is good, but it should also be possible to integrate this feature into the linux edition.

Many hosters provide both windows and linux hosting with ONE centralised mail solution. Since the integration for winodws is already done I suppose it shouldn't be too hard to integrate it into the linux version as well since smartermail is completely API based.

We need to protect with SSL certificates panels resellers. It is currently not possible.
This should be an urgent implementation.
Resellers constantly have the error that the website is not secure.

Right now we can only put a SSL to protect the panel. We need to protect the panel for more domains.

Example:

https://domain1.es:8443
https://domain2.es:8443
https://domain3.es:8443

etc...

Forgive my translation, I use google translator.

SPF information is so far entered through the TXT record. Adding the emerging new SPF record would make sense.

We would like to request for the File Manager search function previously present in Plesk 10 to be reinstated in Plesk 11.5.

In Fail2ban (great idea to include it in plesk!) settings you can set "Time interval for detection of subsequent attacks" (findtime) in general. But it would be interesting this setting per Jail.
Why?
you could have 2 jail with same filter but different findtime. Example:
Jail 1) 5 failures in 600 seconds: 1800 seconds ban
Jail 2) 30 failures in 86400 seconds: 604800 seconds ban

There are bots that detect if you have some protection fail2ban or similar and it will adapt, login attempt every 300 seconds for example. Jail 1 no detect this attack, but Jail 2 yes.

The version of GD provided with Plesk PHP packages does not have support for webp enabled by default. Almost all browsers now support this format.
https://developers.google.com/speed/webp/