• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Plesk Password Protected

S

spilias

Basic Pleskian
Hello,

Is it possible to add .htaccess to Plesk Login Page?

I have a server with brute force logins.

Thanks
 
You can use fail2ban feature for protection you Plesk login page from brute force attacks:

ONE.png
 
Hi spilias,

"htaccess" - protections only work for apache - webservers, but the Plesk Control Panel uses it's very on webserver, based on nginx ( called "sw-cp-server" ).

You could add a password protection like for example

PHP: 
        auth_basic "Plesk Login Screen";
        auth_basic_user_file /etc/nginx/.htpasswd;

at "/etc/sw-cp-server/conf.d/plesk.inc" ( inside several existing location definitions! ) where ".htpasswd" has to be created by you with the desired username and encrypted password ( please see the documentation at http://nginx.com/resources/admin-guide/restricting-access/ ) ... but please be aware, that Plesk could always replace or overwrite the file "plesk.inc" in case of patches/updates/upgrades!


It is pretty "normal", that you experience brute force attacks on login screens, that's why using fail2ban, as suggested by @IgorG is always a good idea and please use a strong admin password and change it from time to time.
 
You must log in or register to reply here.

Similar threads

F
Question How to disable/restrict by IP <server-ip>/login_up.php ?
Replies
4
Views
745
W4ru
W
W
Issue Changed behavior regarding password protected directories.
Replies
3
Views
253
webmasterfreya
W
N
Question Add basic auth to login_up.php
Replies
6
Views
8K
kpushkarev
K
D
Issue Can't see the button for password protected directories
Replies
4
Views
458
Peter Debik
P
C
Resolved Protected directory not working for php files
2
Replies
31
Views
2K
Peter Debik
P
Back
Top