Skip to content

Arend

My feedback

3 results found

  1. 543 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We have serious doubts this function can really increase server security:
    1) Plesk has built-in protection against brute-force on login – it will lock the login form. So no one can try multiple attempts
    2) Arbitrary login name adds very little guess-complexity to a proper password. If you have concerns for your login brute-forced – add another 5-7 characters into your password and feel safe.

    As changed login name is still very likely to be some sort of vocabulary word or derived from your other account name – this function would only give a false sense of better security. Your security strength is in complex password, not in a complex login name. If you have one good password, you don’t need to treat login as your “second password” – one good password is enough.

    As for concerns that default password requirement is set in “weak”, that fail2ban module is not…

    An error occurred while saving the comment
    Arend commented  · 

    Perhaps Plesk can make it that you can login by e-mailadres instead of a username. After all, the e-mailadress is already required.

    Arend supported this idea  · 
  2. 573 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    Arend supported this idea  · 
  3. 77 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    An error occurred while saving the comment
    Arend commented  · 

    ConfigServer Security & Firewall (csf) is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion detector and Security application for Linux servers. Even more, it's available free of charge at https://configserver.com/cp/csf.html

    It's a solid application I have been working with for many years and has on-going support and updates. It has a user interface available for cPanel, DirectAdmin and Webmin, but sadly not for Plesk (although it can be managed via the console).

    I hope the Plesk team can consider adding CSF as firewall option. If not, it would be nice that we at least have a user interface available to manage it, when installed manually.

    Thanks for your consideration.

    Arend supported this idea  · 

Feedback and Knowledge Base