Christian Heutger

← Your Ideas for Plesk

My feedback

  1. Enhanced VPN support

    51 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    9 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    I already voted but I also see a need for VPN

    An error occurred while saving the comment
    Christian Heutger commented  · 

    Fully agree, for VPS as well as for Raspberry Pi there are many install scripts on how to install OpenVPN, Sophos UTM and others integrate OpenVPN as well, however none of such setups is such restricted and unusable as the Plesk VPN. Also need to adjust to use with MacOS Viscosity.

    Christian Heutger supported this idea  · 

  2. Implement ARC as addon to DMARC

    23 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    open discussion  ·  5 comments  ·  Feature Suggestions » Panel/Mail  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    DMARC will fail similar to SPF on forwarding, which is e.g. supported and widely used in Plesk. You implemented SRS to prevent SPF to fail, ARC is the same for DMARC.

    Christian Heutger shared this idea  · 

  3. More control of DKIM

    61 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    6 comments  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    1. or EC (https://tools.ietf.org/html/rfc8463) as 2048 bit also already going down to be insecure in the near future

    Christian Heutger supported this idea  · 

  4. Conceptional failures of your SSL It! extension

    2 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    Addendum: And do you also allow to set ciphers for other services like Plesk Panel here and different ciphers (because of worse support on client side) for mail server and to adjust DH param and EC DH param at cipher adjustment as otherwise it's still required to use sslmng in addition to what's provided in the plugin.

    Christian Heutger shared this idea  · 

  5. Deploy MTA Strict Transport Security

    46 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    5 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Christian Heutger supported this idea  · 

  6. Rspamd support

    184 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    31 comments  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    I would welcome rspamd. SA needs very much tweaks (additional to post-greet and rbl tweaks on postfix) to get close: Pyzor, Razor(2), DCC, adjustable/addable different rulesets, special plugins, GeoIP filtering, bayes could be fed with spam by spam archives like http://artinvoice.hu/spams/, should be tweaked by KAM rules etc. Look at my post on Proxmox Mail Gateway which is an antispam gateway, but also need tweaks. Great would be to have all of this in Plesk. A global bayes database for all Plesk users may help.

    Christian Heutger supported this idea  · 

  7. Support HPKP

    53 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Christian Heutger supported this idea  · 

  8. steering allowed SSLCiphers (negative >noCBC; positive >only GCM) for all System-layers (mail, Plesk-Login, Apache, Nginx) via Plesk

    20 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    open discussion  ·  2 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    For the first step would be great to automatically apply:

    plesk sbin sslmng -vvv --strong-dh --dhparams-size=2048

    And add:

    plesk sbin sslmng --ciphers="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA" --protocols="TLSv1.2" --services="proftpd sw-cp-server nginx apache autoinstaller dovecot" --custom -vvv

  9. Support of SELinux

    11 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    open discussion  ·  5 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Christian Heutger commented  · 

    There are many issues with selinux enabled, so that's no support.

    Christian Heutger supported this idea  · 

  10. Have multiple IPs in one subscription

    415 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    planned  ·  76 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Christian Heutger supported this idea  · 
    An error occurred while saving the comment
    Christian Heutger commented  · 

    Support the idea for multi-homed environment requiring a local IP for local access in addition with a VPN IP for VPN access. With an alias I could choose a local and a VPN name.

  11. to manage cipher suite settings (e.g. Poodle SSLv3 removal) via control panel

    18 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    3 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Christian Heutger shared this idea  · 

Feedback and Knowledge Base

(thinking…)