Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Please be aware: Kaspersky Anti-Virus has been deprecatedWith the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.
It would be VERY helpful in a security sense to force a password change whom use emails services (via roundcube). So if I have 100 users who do not access the panel, but simply have email, they would be forced to change passwords every 30 days?
System could remember a certain number of old passwords (admin configurable) and prevent user from selecting these again. Have had more cases than I'd like to admit where customer re-used a previously compromised password. If Plesk remembered the last x passwords used by that account it...
plesk.uservoice.com
If you would like to see a forced password update term for the panel login, please create a new feature request. However, I remember that research has shown that such forced password updates are useless in terms of security. Don't remember the source though.
Thank you for your support Peter, the topic you mentioned is important I will keep in mind. If there is the situation you mentioned, it would be appropriate to increase the difficulty of the password instead of renewing the password. Please correct me if I'm wrong. In my opinion, in the case of a continuous attack, part of the password will be decrypted in a certain time.
You are right that it is easy to decrypt passwords today, even longer onces, because a lot of computing power is available from some graphics adapters. But when you have Fail2Ban activated in Plesk, this will stop attackers after very few attempts (configurable), so there is no way that brute-forcing can succeed against a Plesk panel.