Christian Heutger
My feedback
-
443 votes
Hi. We’ve started this. It will be available as a part of our new SSL It! extension.
— rk
Christian Heutger
supported this idea
·
-
32 votes
Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
—
AAChristian Heutger
commented
Fully agree, for VPS as well as for Raspberry Pi there are many install scripts on how to install OpenVPN, Sophos UTM and others integrate OpenVPN as well, however none of such setups is such restricted and unusable as the Plesk VPN. Also need to adjust to use with MacOS Viscosity.
Christian Heutger
supported this idea
·
-
89 votes
Thank you for your input! We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.—
IGChristian Heutger
commented
I would welcome rspamd. SA needs very much tweaks (additional to post-greet and rbl tweaks on postfix) to get close: Pyzor, Razor(2), DCC, adjustable/addable different rulesets, special plugins, GeoIP filtering, bayes could be fed with spam by spam archives like http://artinvoice.hu/spams/, should be tweaked by KAM rules etc. Look at my post on Proxmox Mail Gateway which is an antispam gateway, but also need tweaks. Great would be to have all of this in Plesk. A global bayes database for all Plesk users may help.
Christian Heutger
supported this idea
·
-
1 voteChristian Heutger
shared this idea
·
-
41 votes
Thank you for your input! We will consider this functionality in upcoming releases, if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
— SU
Christian Heutger
supported this idea
·
-
17 votesopen discussion · 2 comments · Feature Suggestions » Security · Flag idea as inappropriate… · Admin →Christian Heutger
commented
For the first step would be great to automatically apply:
plesk sbin sslmng -vvv --strong-dh --dhparams-size=2048
And add:
plesk sbin sslmng --ciphers="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA" --protocols="TLSv1.2" --services="proftpd sw-cp-server nginx apache autoinstaller dovecot" --custom -vvv
-
8 votesopen discussion · 5 comments · Feature Suggestions » Security · Flag idea as inappropriate… · Admin →Christian Heutger
commented
There are many issues with selinux enabled, so that's no support.
Christian Heutger
supported this idea
·
-
13 votesChristian Heutger
supported this idea
·
Christian Heutger
shared this idea
·
-
274 votes
The idea is under review now.
We would like to learn from you how you will use it. i.e. different domains on different IPs for SSL (but did you know about SNI?), or for subdomains? for aliases? Why an alias would need another IP?
Thanks for all your answers and votes
Christian Heutger
supported this idea
·
Christian Heutger
commented
Support the idea for multi-homed environment requiring a local IP for local access in addition with a VPN IP for VPN access. With an alias I could choose a local and a VPN name.
-
14 votesChristian Heutger
shared this idea
·
I'm not sure, if that's the best place, but there seems to be a "bug" in your current SEO safe redirects setup regarding HSTS and primary using the HSTS preload list.
This list requires, that the headers are sent from https://example.com (maybe redirected by http://example.com and not first redirecting to http://www.example.com and then https://www.example.com) as the preload submission tool rejects such redirects.
So your SEO safe redirects are working somehow the "wrong order", if HSTS submission is planned.