My feedback

1. SSL Cert for a Domain frame forwarder

   147 votes

   Vote Vote Vote

   Sign in

   prestine

   Your name

   Your email address

   (thinking…)

   

   Password

   Sign in with: Facebook Google

   Forgot password?

   Create a password

   I agree to the terms of service

   Signed in as (Sign out)

   Close

   Close

   Subscribe

   We’ll send you updates on this idea

   41 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…Flag idea as inappropriate…  ·  Delete…  ·  Admin →
   open discussion  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

   Thank you for your input! We will consider this functionality in upcoming releases if it will be popular.
   Everyone, please continue voting for this feature if you consider it important.

   — rk

   Stefan supported this idea  ·  August 16, 2019

2. Change admin username

   360 votes

   Vote Vote Vote

   Sign in

   prestine

   Your name

   Your email address

   (thinking…)

   

   Password

   Sign in with: Facebook Google

   Forgot password?

   Create a password

   I agree to the terms of service

   Signed in as (Sign out)

   Close

   Close

   Subscribe

   We’ll send you updates on this idea

   44 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…Flag idea as inappropriate…  ·  Delete…  ·  Admin →
   open discussion  ·  AdminSergey L (Director of Program Management, Plesk International GmbH) responded

   We have serious doubts this function can really increase server security:
   1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
   2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

   As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

   As for concerns that default password requirement is set in “weak”, that fail2ban module is not enabled by default or may consume extra resources, etc – they are much irrelevant here. If someone is not willing investing some time into setting better password, into changing password policy or into installing/enabling server protection – changed admin name will again be only a false sense of security. If a password is “1234567”, then login doesn’t really matter.

   We have serious doubts this function can really increase server security:
   1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
   2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

   As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

   As for concerns that default password requirement is set in “weak”, that fail2ban module is not… more

   Stefan supported this idea  ·  June 20, 2018

3. Use "Let's encrypt" to secure IMAP/POP/SMTP connections

   449 votes

   Vote Vote Vote

   Sign in

   prestine

   Your name

   Your email address

   (thinking…)

   

   Password

   Sign in with: Facebook Google

   Forgot password?

   Create a password

   I agree to the terms of service

   Signed in as (Sign out)

   Close

   Close

   Subscribe

   We’ll send you updates on this idea

   49 comments  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…Flag idea as inappropriate…  ·  Delete…  ·  Admin →
   open discussion  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

   As UserVoice staff cleaned up the most of twisted voices, I’ve returning this suggestion to open discussion.

   Everyone, please continue voting for this feature if you consider it important.

   —IB

   Stefan supported this idea  ·  June 20, 2018

4. Enable chrooted sftp for more than one user per account

   188 votes

   Vote Vote Vote

   Sign in

   prestine

   Your name

   Your email address

   (thinking…)

   

   Password

   Sign in with: Facebook Google

   Forgot password?

   Create a password

   I agree to the terms of service

   Signed in as (Sign out)

   Close

   Close

   Subscribe

   We’ll send you updates on this idea

   61 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…Flag idea as inappropriate…  ·  Delete…  ·  Admin →
   open discussion  ·  AdminPlesk Staff (Community Manager, Plesk International GmbH) responded

   This is a valid request, so we’ll look into it. There is no ETA at the moment, but we would really appreciate you voting for this request so that we can accurately assess its popularity relative to other features.

   The original request contains a manual solution, so, we consider to automate it. Please, add a comment if your case will not be solved with that solution.

   Thanks in advance!

   — rk

   Stefan supported this idea  ·  June 20, 2018