
AdminSergey L (CTO, Plesk International GmbH)

My feedback

21 results found

  1. 526 votes


    We have serious doubts this function can really increase server security:
    1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
    2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

    As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

    As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Thanks Mikhail,
    That's actually a very good point about distinguishing a blind brute force attack from a targeted one. Much appreciated!

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @abc Good catch about root password. If you file that as a separate request, we are likely to improve it

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Curtis,

    I am afraid you are misinformed about locking admin or perhaps have much outdated information.

    In case someone is trying to bruteforce your password, you remain safe:

    - Plesk won't lock you if someone will try to bruteforce your password. Instead Plesk will add small delay on every false attempt, which doesn't make much difference for legitimate user (you), but makes any bruteforce nearly impossible as it would take too long.

    - The Fail2ban module will lock a particular IP. So the intruder will be locked, but you will be able to log in safely. Except (of course) when the intruder works from the same computer as you, which could be the case when you decide to test your Plesk for bruteforce resistance (so you were the "intruder"). But in the real world it is a very unlikely scenario

    Some may also complain that bruteforcing itself can be considered DDoS attack, however different login name doesn't help here either - whether login is "admin" or not, the system will consume roughly the same resources on validating the attempt.

    So the summary is:
    - alternative login just cannot add more security than password already does. Adding extra symbol in password is equally effective as adding extra symbol in login name.
    - intruders cannot lock you from logging in. They can only lock themselves

    I can understand the fear when people see their servers are scanned, however looks like many people are looking for a false cure - scans won't disappear just because of the login changed. It doesn't take too much effort to try different login names in those bruteforce scripts.

    Many internet services would use emails as login names. As those emails are often publicly known it should have been considered as a huge security threat, but of course everyone recognizes that it is not a weak login that compromises security - but a weak password does.

    If you don't feel safe about your server, make sure you
    1) have fail2ban module fully enabled. it will lock any bruteforce intruder quickly
    2) have 2-factor auth extension installed. i.e. Clef. Here is an overview of available solutions: http://devblog.plesk.com/2015/02/passwords-in-plesk-just-say-no/
    3) enable strong passwords in settings or just make sure your password is strong enough - not a dictionary word, not derived from a dictionary word, and includes digits and special characters.
    Those things really improve security.

    Hope it helps

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Andrea, you have to watch your language here.

    It cannot be really critical whether a hacker has a login as a starting point or not - anyway they know your server IP. If your password is secure, you are safe. Add dp12kln88d as a prefix to your password and you will have those extra "497....eee..." combinations. No difference. You can add much more into your password actually.

    Security is obtained via password, not via login.

    For those concerned about bruteforcing - just enable fail2ban in Plesk and an intruder will be blocked after the first few attempts.

  2. 164 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @ Daniel Hendricks, @Denver Prophit Jr.,

    The Uservoice link is actually available right in your Plesk control panel, just scroll down to the bottom of any page and see "Suggest an idea" link in the footer. We believe that's how most people discovered it.

    Let us know if you still cannot see it

  3. 1,168 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Hi, we are updating status when there is some new information or status update from our end. Status updates are not frequent, but always meaningful.

    Unfortunately we cannot report to you any major change as of now:
    - this request is in remaining top5 (after higher priorities were delivered) and we fully recognize its priority for our customers
    - for quite a while we were seeing ClamAV as an alternative to already provided Dr.Web and Kaspersky antiviruses and honestly we considered that 2 available options should be already enough, while there were many other requests to work on. Especially given relatively easy manual integration of ClamAV by a server admin (guidelines are available online)
    - thanks to later posts of ClamAV supporters we re-evaluated ClamAV as a file scanner for web files, rather than for email. And in this context it definitely deserves more attention

    As of now we have a bunch of tasks assigned for the next release, but once we deliver the next version, we will seriously consider this item. Should there be any update on actual status, we will post it here

    We are thankful for everyone's votes and involvement

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @Anon: very good points, much appreciated!

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @Jake

    Thanks! Very good points

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @Jake,

    Well, your FTP users indeed can upload trojans or malicious code embedded in PDF files and images. But it cannot harm your server security, it will harm their site visitors, who will download those files. So I wonder how is your server impacted with these uploads?

    From server security standpoint, server admin shall probably be much more concerned for malicious HTTP uploads (not FTP), which are performed normally via a vulnerability in a hosted site and potentially can take over that site in a hidden manner or can take over a server (only in a combination with some other vulnerability, of course). mod_security shall be good solution against that, when accompanied by quality ruleset (such as the one from AtomicCorp). I don't fully understand how ClamAV is efficient here, given that it is very far from 100% efficiency and regular complete scans would likely cause huge load on a server.

    We observed a number of complaints about high load from antiviruses scanning servers, but we have no positive data on their efficiency. What is your experience with ClamAV file scans?

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    @Jake

    How scan of ftp uploads would improve your server security?

  4. 82 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Thank you @Gab T for explaining the usage. It really helps to understand the reason behind a request to evaluate its priority

    We will consider this, but cannot promise quick delivery. PHP version is tightly connected to website concept.
    However, did you consider placing scripts in different site and configuring virtual directories in .htaccess for SEO needs? Can that help?

  5. 286 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Hi, the actual status is always in the top right corner.
    This is interesting to us, though votes are really low yet

  6. 54 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Hi, the original poster most likely meant the solution described in here
    https://ext.plesk.com/packages/f58eac32-6fda-4886-8d44-d3cb7b98933e-slave-dns-manager

    Let us know if it is not what you were looking for

  7. 5 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    It might be impossible or dangerous technically. Home folder of each account has privileges configured in a way to prevent others from accessing them. We understand extra convenience of a global account, but wouldn't like to undermine security.

    But let us know if we are missing something...

  8. 406 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Thanks for your opinion Madalin,
    it is very interesting information!

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Could you tell a little more about this solution? What makes it preferred option for you? What are advantages over AWstats and Webalizer?

  9. 1,572 votes


    We hear you and see a clear demand for this feature.

    I want to say that implementing these features requires a lot of investment, and in 2021 Plesk team keeps focusing on the delivery of other improvements (sad, but true).

    We will get back to the re-evaluation of these features at the beginning of the next year.

    Please continue to share your use cases and requirements, and it would be really helpful if you point to existing solutions that we can review and check before implementation.

    Your feedback is important to us. Thank you, everyone.

    AA

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Yes, we have some thoughts in this regards, but frankly it is not our top priority yet.

  10. 30 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Hi Timothy,

    Got your point about extensions. Which exactly extensions you would like to shortcut?

    Extensions are actually capable to make shortcuts for themselves in practically every spot of user interface. Maybe some extensions need to add entrypoints for them

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Hi David, when you need a shortcut for email or phpmyadmin - would it be a shortcut to "managing email for subscription abc.com" or "managing email for <select> subscription"? Same question about phpmyadmin

    Any other examples maybe? Examples are important, because if we do shortcuts, they will be available for suggested operations only and surely not for every screen.

  11. 11 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Mike, that is your decision whether to enable SELinux or not. If you enable it, then Plesk works with SELinux

  12. 671 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    No, Josh, unfortunately you cannot have better timeline. We are not posting ETA here.
    I am not sure where you grabbed information about "planned for years", but it is false statement. The function was included into our plans mid-last year, according to the log. When you see "In progress" status, that would mean relatively soon delivery.

    The best you can do is to vote for this feature, since currently it is still #40+ if sorted by votes.

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Josh, not sure where you grab the information about "planned since 2013". This is obviously not true, since mid-2013 is the first mention of this idea only.

    In general we avoid posting ETA here.

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/4143681-enable-horde-activesync-and-autodiscover-by-defaul#/comments

    ActiveSync included in Horde 5 should be preconfigured and working in Plesk (Horde Config, Apache Settings, autodiscover-Subdomain...)

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    From https://plesk.uservoice.com/forums/184549-feature-suggestions/suggestions/4081390-support-for-imap-idle-push-e-mail-in-courier-ima

    The courier binary shipped with Plesk does not support the imap idle function aka push e-mail. Even if you configure ENHANCEDIDLE=1 in the courier config file, it won't work as it needs to be linked to libfam. libfam is either provided by legacy FAM or by gamin. Both are available in the package repositories of the distributions.

    Push e-mail is a very nice feature. Especially for power users who have their e-mail client open all day. With push e-mail you get an instant notifications on incoming mail. It is not necessary anymore to poll the imap server every 10 seconds for new emails. All major mail hosters support this feature.

    Using gamin, there is no actual reason why it should not be supported. I am using it (self-compile) since 2009 and Plesk 9. Without any problems at all.

  13. 43 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Until .csv import is available, we would suggest to run bulk operations in CLI or XML API.

  14. 62 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Plesk supports version 8.9 (stable). You can only use 9.1 at your own risk

  15. 20 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    The path suggested by Marten is good workaround except it suggests a dangerous malpractice which will surely make your changes overwritten by Plesk.

    As Plesk documentation indicates you should never change templates in default/ folder (will surely be overwritten). Instead, copy those files into custom/ folder and modify them there without any risk of your changes lost
    http://download1.parallels.com/Plesk//Doc/en-US/online/plesk-linux-advanced-administration-guide/index.htm?fileName=66758.htm

    So the corrected path should be
    1. Identify this folder
    /usr/local/psa/admin/conf/templates/default
    (go /opt/psa/... for Debian/Ubuntu) and copy it into
    /usr/local/psa/admin/conf/templates/custom
    Make sure you preserve ownership and privileges
    2. Locate the file /usr/local/psa/admin/conf/templates/custom/domain/service/seoSafeRedirects.php
    and comment out all relevant commands
    2a. If you break something, just recover from /usr/local/psa/admin/conf/templates/default/domain/service/seoSafeRedirects.php
    2b. Then edit /usr/local/psa/admin/conf/templates/custom/domain/service/seoSafeRedirects.php
    ...
    Now continue with original Marten's instructions and your changes are safe for all future Plesk upgrades
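
The copy-then-edit procedure from the comment above, as an added shell example (not part of the original comment and not Plesk's own tooling). The function names are hypothetical, the directories are passed as absolute paths, and GNU `cp -a` and `stat -c` are assumed; it copies the tree with ownership and modes preserved, verifies that, and lists which custom templates differ from the defaults.

```shell
#!/bin/sh
# Added example: helper functions are hypothetical, not Plesk commands.
# Pass absolute paths, e.g. the default/ and custom/ template folders
# named in the comment above. Assumes GNU coreutils (cp -a, stat -c).

# Copy the default tree to the custom location, preserving owner, group,
# mode and timestamps. Refuses to touch an existing custom tree so that
# earlier edits are never silently replaced.
copy_templates() {
    src=$1; dst=$2
    if [ ! -d "$src" ]; then
        echo "source tree not found: $src" >&2; return 1
    fi
    if [ -e "$dst" ]; then
        echo "custom tree already exists, not overwriting: $dst" >&2; return 2
    fi
    cp -a "$src" "$dst"
}

# Print "mode uid gid path" for every entry below a directory.
perms_listing() {
    ( cd "$1" && find . -exec stat -c '%a %u %g %n' {} + | sort -k4 )
}

# Succeed only if both trees have identical ownership and modes.
perms_match() {
    a=$(perms_listing "$1") || return 1
    b=$(perms_listing "$2") || return 1
    [ "$a" = "$b" ]
}

# List custom templates that differ from (or do not exist in) default/.
modified_templates() {
    ( cd "$2" && find . -type f | sort | while IFS= read -r f; do
          cmp -s "$f" "$1/$f" 2>/dev/null || printf '%s\n' "${f#./}"
      done )
}
```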

  16. 40 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    free MailEnable in Plesk has supported IMAP for many years. Perhaps from the very beginning.

    If you transfer content to new Plesk server with MailEnable, mailboxes should be moved as well.

  17. 234 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Thanks for the scenario explained!

  18. 48 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    But what makes you want "mail space" counted separately from "web space"?
    For your example - you can just give customer 10 Gb for their web and mail files and no need to limit or count their mailboxes.

  19. 783 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    2 Rich Milns

    Nginx has proxy capabilities, though it benefits in a different way than Varnish does. Nginx doesn't cache - so DB and PHP are still loaded in terms of CPU. But Nginx helps Apache to end processes faster (fast local connection) and thus save on RAM when there are multiple visitors (especially visitors on mobile traffic). And Nginx is transparent, so it doesn't require the site to be re-configured.

    Not that Nginx fully replaces Varnish, but it handles high load problem from a different perspective

  20. 35 votes

    AdminSergey L (CTO, Plesk International GmbH) commented  · 

    Interesting. Would you mean customer certificate overriding server certificate? Or override only for default (self-signed) server certificate?
