Skip to content

A. Great

← Your Ideas for Plesk

My feedback

7 results found

  1. Allow multiple SSH-accounts in a subscription

    106 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    14 comments  ·  Feature Suggestions » Plesk (general)  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    A. Great supported this idea  · 

  2. Enable chrooted sftp for more than one user per account

    394 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    101 comments  ·  Feature Suggestions » Plesk (general)  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    open discussion  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

    This is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features.

    The original request contains a manual solution, so, we consider to automate it. Please, add a comment if your case will not be solved with that solution.

    Thanks in advance!

    — rk

    A. Great supported this idea  · 

  3. Create separate Mail and Web Space

    510 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    open discussion  ·  21 comments  ·  Feature Suggestions » Panel/Mail  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    A. Great supported this idea  · 

  4. Temporary FTP accounts (with expire date)

    105 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    5 comments  ·  Feature Suggestions » Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    A. Great supported this idea  · 

  5. Use Lets Encrypt to secure FTPs connections

    356 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    74 comments  ·  Feature Suggestions » Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    A. Great supported this idea  · 

  6. Change admin username

    556 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    69 comments  ·  Feature Suggestions » Security  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    open discussion  ·  AdminSergey L (CTO, Plesk International GmbH) responded

    We have serious doubts this function can really increase server security:
    1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
    2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

    As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

    As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

    An error occurred while saving the comment
    A. Great commented  · 

    It's hard to believe the admin username cannot be changed. Not using admin as a username is system admin 101 and is recommended by Datadog, Cloudflare, Wordfence, GCP, AWS, and multiple other security sources. Although my firewall and authenticator are doing their job, "admin" is the top choice that blackhats use for brute force attempts on my server.

    A. Great supported this idea  · 

  7. SSH access to only httpdocs folder

    57 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    16 comments  ·  Feature Suggestions » Plesk (general)  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    A. Great commented  · 

    It is extremely important to add the functionality of providing SSH access to third-party users for a particular folder, like /var/www/vhosts/example.com/httpdocs/ or /var/www/vhosts/example.com/httpdocs/dir1
    Reason #1: FTP is insecure
    Reason #2: FTP nor FTPs is supported by the Cloudflare proxy
    Reason #3: For security reasons, third-party developers do not need root access (Plesk's current configuration). Highly productive teams need to delegate tasks to DevOps for specific directories and admins are subjected to data leakage when bypassing Cloudflare to connect via FTP in these highly productive environments.
    Reason: #4: Connecting a web app located in a specific directory to a third-party API using SSH via Plesk is unavailable.

    Ideal Solutions:
    Solution #1: Cloudflare enables a solution to proxy FTPs. or
    Solution #2: Plesk implements a solution for directory-specific SSH like FTPs.

    Non-ideal solutions:
    Non-ideal Solution #1: Advise customers to stop using Cloudflare or configure their DNS to bypass it for FTP. (This exposes their origin IP)
    Non-ideal Solution #2: Create multiple subscriptions for customers.
    Non-ideal Solution #3: Customers consider migrating their site to the sole use of GCP or AWS by dividing the site into individual projects. Configuring SSH connectivity for individual projects via Cloud platforms is very simple and easy and customers can continue using Cloudflare. This is a growing trend. Hopefully, Plesk can provide a solution to combat this loss of customers.

    Despite my extensive research, I may be overlooking a current solution. If so, please provide the resource.

    A. Great supported this idea  · 

Feedback and Knowledge Base

(thinking…)