Magnus Alexandersson

My feedback

  1. 348 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    43 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →

    We have serious doubts this function can really increase server security:
    1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
    2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

    As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

    As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

    Magnus Alexandersson commented  · 

    This is a respond to That Guy.

    Plesk creates a user called admin and uses the password you set when you installed plesk onyx via web interface. What thet should let us do is enable us to rename this user to whatever we want and disable the root user login.

    The problem is that because pretty much every single piece of Unix software in existence assumes that the username 'root' exists and that it is the superuser -- mail aliases, various daemons, cron...

    So for future reference do not use root when you login to plesk gui use admin :) Hope this clears this up.

    Remember set a strong password for the root user in the mean time :) 25+ char long if plesk supports it :D

    As Ben has said use google authentication.

    or as Anonym said

    Go to '' /opt/psa/admin/conf '' then name the " panel.ini.sample " - file to panel.ini and insert:

    [login]
    systemAdmin = false

    im going to do it right now :D

    I trust Plesk with our users data and if ur super paranoid dont enable ftp only let users in via gui and set a strong password for ur users. Remember its your job to keep your users data safe with the tools you have. If you dont like it dont use it.

  2. 10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Feature Suggestions » WordPress Toolkit  ·  Flag idea as inappropriate…  ·  Admin →
    Magnus Alexandersson commented  · 

    Please add this feature.

    Magnus Alexandersson supported this idea  · 
  3. 186 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    29 comments  ·  Feature Suggestions » DNS  ·  Flag idea as inappropriate…  ·  Admin →
    Magnus Alexandersson commented  · 

    This is now 2018. please add this. even windows servers from 2008 has it and its easy to set up in bind.

    Magnus Alexandersson supported this idea  · 

Feedback and Knowledge Base