Question Disable Plesk login link

[kevinjansen]

Server operating system version

Almalinux 8

Plesk version and microupdate number

18.0.65

Hi Everyone,

I have the following question. I like to disable the plesk login screen, our customers login in our own dashboard and gets logged in with a single sign-on link.
For security reasons i want to complete disable the login screen. But so far i was not able to succeed. What i have tried.

1. create a blanco file for: /usr/local/psa/admin/htdocs/login_up.php since this is encrypted and i am not able to only remove the login form.
That did not work since that file is required for the autentication of the SSO link.

2. Changing panel.ini:
[login]
enabled = false

No succes there.

Searched for extensions to enforce SSO only, but there is none.

Forcing the server login to 8443 and put 8443 behind a firewall half works. You dont have a login link, and our system still can create a SSO link (because its whitelisted), but the customer is not able to login because he is not able to reach 8443. Is there any setting / plugin i missed to force only login over sso and or remove the login form from the php file so the authentication still works but the form is not shown when you directly visit the page.

Kind regards,

Kevin

 

[Sebahat.hadzhi]

Hello, @kevinjansen. Unfortunately, there is no option to completely disable the Plesk login page. What you may try is to add the following directive for login_up in /etc/sw-cp-server/conf.d/plesk.inc:

location = /login_up.php {
allow X.X.X.X (The IP address of your dashboard);
deny all;
}

Please note that I cannot guarantee this will work for your specific requirements, also it is best to ensure you have SSH access to the server prior to performing any changes to avoid getting locked out. If you decide to give it a go, please note that you need to restart the sw-cp-server service to apply the change.

Alternatively, what you might consider is configuring a redirection to your Dashboard.