• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

security

  1. N

    Question Need help with TLS

    hello, according to ssllabs i have only TLS 1.2 enable on my server/domain i want to enable TLS 1.1 and TLS 1.0 Any one here to guide me most simplest way to enable TLS 1.0 and TLS 1.1
  2. B

    Issue Critical vulnerability in plesk ?, main domain

    my server hostname is server.example123.com my main domain is example123.com i was trying to list content of file via php interpreter at my example123.com domain from file /root/somefile (file is owned by root), this root directory is up up outside vhosts directory, i was shock that i could...
  3. 2

    "New Certificate" page will display saystem files when uploading symbolic link

    Hi there, because of a mistake on my side, I discovered something that I think is weird; I don't know however if it should be considered as a bug... Here comes the "header": ===================== PRODUCT, VERSION, MICROUPDATE, OPERATING SYSTEM, ARCHITECTURE Plesk Panel 11.5.30 Update #51...
  4. Luiz_Gustavo

    Security problem when Shared App Pool

    Hello, I create 2 websites in Plesk Windows for testing, both in the plesk default app pool (shared) and for my big surprise, I can write any files in SITE2 area from SITE1 subscription, using .NET script .:eek: I do not want to use a Dedicated App Pool for each subscrition to preverse memory...
  5. Ben

    Wordpress Scan when wp-contents has been renamed

    I habitually rename my wp-contents directory for security reasons (as part of iThemes Security). As a result Plesk no longer recognises the Wordpress installations on the server, when scanning so I'm unable to take advantage of Plesk's Wordpress features. Please could this be modified to allow...
  6. Paul Ellison

    Extension Development

    I am looking to develop my own Plesk extension to implement Two Factor Authentication though a third party provider called Duo Security. Having read a fair amount of documentation I have only found information about replacing/complementing the existing Username/Password login. Code from Google...
  7. S

    Wordpress toolkit security check not available in Plesk 12.5.30 update #23

    Hello all. We have Plesk 12.5.30 update #23 installed on an Ubuntu 14.04 server and we wanted to use the Wordpress Toolkit to check the Wordpress installation security. Regrettably this functionality seems to be gone. (Please see screenshot) Is there any way to get all the amazing Wordpress...
  8. S

    File Permissions Confusion

    Using Plesk 12.0.18 on Windows Server 2012, we're running php code that has two ways of adding files to the host. If we create the file using a pdf library on the host and save it in host subdirectory X, it has the same ownership properties as subdirectory X itself. If we use...
  9. E

    Plesk 12.5.30 Pyhton Enable But Security?

    Hi, I Have a Cloudlinux and Plesk 12.5.30. My client wants to support Python. (May be perl support ?) This is not problem for me. To enable Python scripting engine go to Tools & Settings > Apache Web Server > check python. and Hosting Settings.Under Web Scripting and Statistics check the...
  10. Y

    Plesk cookies with "secure" attribute on 8443 port

    Hi, Recently we ran into a problem with PCI compliance scan on our sever with Linux Plesk 12.0.18 installed (CentOS release 6.6 OS). The problem is that cookie which is sent when you open control panel login page at 8443 port does not have "secure" attribute. According to most recent PCI...
  11. R

    Plesk 12.x.x Backup Manager Encryption - Security Issue

    Hi all, I have got the Plesk backup manager running scheduled back up jobs to a private FTP server without any trouble i've noted that even though that encryption and a very strong password is used at Plesk Backup Manager settings the file can be easily opened without anytrouble using 7-ZIP...
  12. danami

    Resolved Juggernaut Security and Firewall Plesk Addon

    Juggernaut Security and Firewall Extension for Plesk Juggernaut features a SPI firewall, brute force protection, real-time connection tracking, intrusion detection, dynamic block lists, statistics and reporting, modsecurity auditing, country blocking and more cutting-edge technology to handle...
Back
Top