Skip to content

Anonymous

← Your Ideas for Plesk

My feedback

2 results found

  1. Redirect to https and only after to www when HSTS and www prefered domain are enabled

    13 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    7 comments  ·  Feature Suggestions » Web / SSL  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    An error occurred while saving the comment
    Anonymous commented  · 

    Implementation of this "feature" should not depend on popularity. It is the only right *and* secure way to redirect from non-www to www domain. If this is not done, then the HSTS header is never sent for the non-www version of the domain, allowing MITM attacks / stripping HTTPS.

    IMHO Plesk should use the secure way by default: redirect from HTTP to HTTPS first (allowing the HSTS header to be sent) and *then redirect from non-www to www.

    If there really are people who wish to not do this, avoid one redirect and immediately redirect to https://www.domain.tld, then allow them to override the secure default. IMHO this is over-optimization, as these days (with HTTP/2) there is not nearly as much overhead as there was before.

    Please fix this if this is not done already. :-)

    Anonymous supported this idea  · 

  2. Add XML API operations to manage Backup Password and Scheduled Backup

    24 votes

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Backup / Restore  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback
    Signed in as (Sign out)
    Close
    Close
    Anonymous supported this idea  · 

Feedback and Knowledge Base

(thinking…)