Skip to content

A. Great

My feedback

7 results found

  1. 106 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    A. Great supported this idea  · 
  2. 394 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    This is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features.

    The original request contains a manual solution, so, we consider to automate it. Please, add a comment if your case will not be solved with that solution.

    Thanks in advance!

    — rk

    A. Great supported this idea  · 
  3. 510 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    A. Great supported this idea  · 
  4. 105 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    A. Great supported this idea  · 
  5. 356 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    A. Great supported this idea  · 
  6. 556 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have serious doubts this function can really increase server security:
    1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
    2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

    As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

    As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

    An error occurred while saving the comment
    A. Great commented  · 

    It's hard to believe the admin username cannot be changed. Not using admin as a username is system admin 101 and is recommended by Datadog, Cloudflare, Wordfence, GCP, AWS, and multiple other security sources. Although my firewall and authenticator are doing their job, "admin" is the top choice that blackhats use for brute force attempts on my server.

    A. Great supported this idea  · 
  7. 57 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    A. Great commented  · 

    It is extremely important to add the functionality of providing SSH access to third-party users for a particular folder, like /var/www/vhosts/example.com/httpdocs/ or /var/www/vhosts/example.com/httpdocs/dir1
    Reason #1: FTP is insecure
    Reason #2: FTP nor FTPs is supported by the Cloudflare proxy
    Reason #3: For security reasons, third-party developers do not need root access (Plesk's current configuration). Highly productive teams need to delegate tasks to DevOps for specific directories and admins are subjected to data leakage when bypassing Cloudflare to connect via FTP in these highly productive environments.
    Reason: #4: Connecting a web app located in a specific directory to a third-party API using SSH via Plesk is unavailable.

    Ideal Solutions:
    Solution #1: Cloudflare enables a solution to proxy FTPs. or
    Solution #2: Plesk implements a solution for directory-specific SSH like FTPs.

    Non-ideal solutions:
    Non-ideal Solution #1: Advise customers to stop using Cloudflare or configure their DNS to bypass it for FTP. (This exposes their origin IP)
    Non-ideal Solution #2: Create multiple subscriptions for customers.
    Non-ideal Solution #3: Customers consider migrating their site to the sole use of GCP or AWS by dividing the site into individual projects. Configuring SSH connectivity for individual projects via Cloud platforms is very simple and easy and customers can continue using Cloudflare. This is a growing trend. Hopefully, Plesk can provide a solution to combat this loss of customers.

    Despite my extensive research, I may be overlooking a current solution. If so, please provide the resource.

    A. Great supported this idea  · 

Feedback and Knowledge Base