Feature Suggestions
Please provide here your suggestion for new functionality for Plesk. We encourage you to review and vote for suggestions of others. The top-ranked suggestions are likely to be included in the next versions of Plesk.
Please write in English so that voters from all over the world can read and support your request.
Off-topic posts will be removed from here
- or
8 results found
-
Update PCI Compliance Guide in documention
Hello,
the guide for creating PCI Compliance on linux servers is outdated in Plesk obsidian. The Etag fix is not necessary with apache 2.4 and therefore misleading. cf https://docs.plesk.com/de-DE/obsidian/administrator-guide/plesk-administration/absichern-von-plesk/compliance-mit-pci-dss/abstimmen-von-plesk-auf-pci-dss-unter-linux.78899/
But otherwise thank you for creating a great system!
1 voteIt looks more like bug than feature request.
Please, submit detailed report here https://talk.plesk.com/forums/reports.746/
—
IG -
Secure FTP
Support FTPS (FTP-SSL) for uploading files securely and easier pass of PCI compliance
17 votesAvailable in Plesk 11.5
-
Set right ciphers by default on Windows
There is a documentation how to do it manually: https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/pci-dss-compliance/tune-plesk-to-meet-pci-dss-on-windows.78901/
but there is no tool to do it automatically (and by default during the installation).
4 votesAFAIU, the request is about right ciphers for SSL configuration. We have a documentation how to do it manually: https://docs.plesk.com/en-US/onyx/administrator-guide/plesk-administration/securing-plesk/pci-dss-compliance/tune-plesk-to-meet-pci-dss-on-windows.78901/ but have no tool to do it automatically, so, this is a valid request, we’ll look into it.
There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
— rk
-
Please add a recommended "file integrity monitoring" tool to your extensions catalog
Any server that needs to be PCI compliant needs to have running a "file integrity monitoring" tool.
1 voteThis request was declined as it was created is more than 2 years ago and have the low number of votes.
If you would like to suggest a specific file integrity monitoring tool for implementation please feel free to create a new feature request.
Thank you.
—
AA -
Disable old TLS protocols in Plesk for Windows
In Plesk for Linux, Plesk provides a functionality to select the SSL protocols available by running:
plesk bin server_pref -u -ssl-protocols "TLSv1.2"
Or meet with PCI compliance with the utility:
plesk sbin pcicomplianceresolver
Plesk for Windows doesn't provide such functionality, moreover, Plesk doesn't recommend to disable these protocols: https://support.plesk.com/hc/en-us/articles/115000360813
It'd be really helpful and safe that Plesk will provide officially the support of the same functionality for Windows, especially for companies that are requiring high-security standards.
14 votesThank you for your input. We will consider this functionality in upcoming releases if it is popular. Everyone, please continue voting for this feature if you consider it important.
—
IG -
Upgrade MailEnable in Windows editions to support SSL/TLS
The Windows edition of Plesk is currently using MailEnable as its E-Mail server and it is a community edition (Standard) which does not support secured services such as SMTP/s, IMAP/s, POP3/s. So its the only problem for us to get PCI compliance unless we buy it ourselves with a higher annually price. The Plesk company may deal with them for upgrading at least to the Professional edition and make it available in licensing with a suitable monthly price.
6 votesGood news everyone :)
Starting Plesk Onyx 17.5 the installation contains Mail Enable 9.10, which supports SSL/TLS in Standard edition. -
Let pci_compliance_resolver --enable postfix also set FORWARD SECURITY and go dor TLSv1.3
Even though server supports TLS 1.2, the cipher suite configuration is suboptimal. It is recommend to configure the server so that the cipher suites providing forward secrecy (ECDHE or DHE in the name, in this order of preference) and authenticated encryption (GCM or CHACHA20 in the name) are at the top. The server must also be configured to select the best-available suite!
also there is TLSv3 https://tools.ietf.org/html/rfc8446
(and draft is used already a long time by many;)http://www.postfix.org/TLS_README.html
And while Playing on Mailserver think about MTA Strict Transport Security (Draft standard) and Email DANE / TLSA.
THX
3 votesThis is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features. Thanks in advance!
— rk
-
Add SSH2 extension to PHP default extensions to improve security
Hi,
Please consider add SSH2 extension to PHP default available extensions.
To be able to use FTP over SSH (SFTP) the SSH2 extension must be installed on PHP.
IN SHORT: SFTP (SSH2 EXTENSION) = SECURITY
SFTP means secure file transfer via Secure Shell (or SSH), hence the name SSH File Transfer Protocol (SFTP). The two devices (server and client) communicate via a single channel, that of SSH, in which the remote file management commands are sent and where the file transfer takes place. By default, the only port required for SFTP is 22, the same as SSH.
SFTP implements the…
33 votesSince Plesk Obsidian 18.0.49 that was published December 20th, 2022, the Plesk PHP configuration page in "Tools & Settings" has a new option where you can easily install PHP PECL packages. The SSH2 extension is a PECL package as described in https://pecl.php.net/package/ssh2. It can be installed right out of the Plesk user surface using the new PECL installer.
-- PD
- Don't see your idea?