How to secure Plesk login page?

Emily Routledge

Emily Routledge

Active member
Registered
Joined
Aug 13, 2016
Messages
67
Points
8
After installed Plesk onyx, do I need to secure for Plesk? for example, I need to secure Plesk login page or change port or something else to make my Plesk secure?
 
VirtuBox

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
Emily Routledge said:
After installed Plesk onyx, do I need to secure for Plesk? for example, I need to secure Plesk login page or change port or something else to make my Plesk secure?
Click to expand...
Hello,
no, you just have to enable the "IP Address Banning (fail2ban)" in Tools & Settings to make sure Plesk login page will not be attacked by bruteforce.
 
CiAN

CiAN

New member
Registered
Joined
Dec 23, 2017
Messages
14
Points
3
Out-of-the-box Plesk is already quite secure, however there are some further tweaks you can use without needing to pay extra.... these include:

1. tools & settings - system updates [ensure automatic plesk & system updates are active]
2. tools & settings - server-wide mail settings [switch on spam protection based on DNS blackhole lists - you can use their suggested defaults]
3. tools & settings - spam filter settings [switch on server-wide SpamAssassin spam filtering]
4. tools & settings - spam filter settings [switch on server-wide greylisting spam protection - hugely reduces spam by causing messages to attempt delivery more than once (spammers almost never do)]
5. tools & settings - firewall [enable]
6. tools & settings - IP address banning (fail2ban) [enable - and remember to set yourself as a trusted IP Address, to avoid being locked out...]
7. install and activate the extension Google Authenticator for two factor authentication, if you have a fixed IP on your Internet broadband connection, you may also consider restricting the admin login to that...

There are further things of course, but the above gets you going and are low stress items... as always, your mileage may vary!
 
CiAN

CiAN

New member
Registered
Joined
Dec 23, 2017
Messages
14
Points
3
Best answer
Simply switching it on will turn on the default rule sets for a Plesk server (Windows and Linux), meaning service ports in use will be opened and others closed...

After that, it depends if you want to close some of the default ones off... which is a whole thread in itself... such as you may decide you do not want to have insecure / non-SSL web ports, mail ports, etc open, or you know some will not be used even though they are bundled, etc... but it really is something to consider on a case by case basis although I would suggest you disable what you dont use... the below example is for Linux, so Samba (Windows file sharing) has been turned off, as well as the usual ~if not allowed explicitly above, deny all other traffic rules near the bottom.

1555061740553.png
 
H

HostechSupport

Active member
Registered
Joined
Jan 19, 2013
Messages
68
Points
8
Plesk is already secured with port no. 8443
 
You must log in or register to reply here.
Older Threads
Cheerag Nundlall
Cheap and reliable VPN services?
Replies
5
Views
2,875
Cheerag Nundlall
robot
Bought an .xyz domain. Do I park it or build on it?
Replies
3
Views
2,155
Ash
Chris Worner
Why do people still using Xenforo 1.5.x or 2.0.x?
Replies
0
Views
1,341
Chris Worner
David Beroff
SMTP Host of Plesk Onyx?
Replies
5
Views
2,222
cloudean
David Beroff
How to update Plesk Onyx?
Replies
3
Views
2,363
VirtuBox
Newer Threads
Fusion Arc Hosting
Web Hosting - Fusion Arc Hosting
Replies
4
Views
2,191
Fusion Arc Hosting
ITivan80
Your Storage, Your Choice Deals - E5-1650 for $180 from Colocation America
Replies
2
Views
1,943
ITivan80
Cloudcone
GOT Offers | KVM Servers starting at $2.49/MO of upto 50% off, Limited stock available
Replies
3
Views
1,711
miken
R
SEO Backlinks
Replies
3
Views
2,286
BlueLeaf
Chris Worner
Godaddy renewal price is so high?
2 3
Replies
50
Views
17,586
visualwebhost
Latest Threads
R
How much bandwidth is enough for a growing website?
Replies
1
Views
27
FerdieQO
J
How does Jtti Server Defend against DDoS attacks?
Replies
0
Views
192
jtti
J
What are the performance differences between DNS load Balancing and reverse proxy?
Replies
1
Views
173
FerdieQO
hostiko
What Features Do You Value Most in a Hosting Provider?
Replies
1
Views
40
FerdieQO
GreenhostCloud
Free vs. Paid Hosting: Is It Worth It?
Replies
2
Views
83
FerdieQO
Recommended Threads
PenguinManiac
Average profit during first year of hosting reselling?
Replies
10
Views
6,192
MooMooHost
samimnoorzaitgc
20,000 Targeted Visitors for just $12.99 (Limited time offer!)
Replies
0
Views
1,829
samimnoorzaitgc
Support@MainVPS
SSL on VPS: Necessary or overkill?
Replies
1
Views
1,122
Kaz Wolfe
PMonroe
Best link building techniques
Replies
11
Views
4,207
David Beroff
J
Imunify malware scanner
Replies
3
Views
1,653
jessichg
Similar Threads
R
How secure are free SSL certificates compared to paid ones?
Replies
2
Views
98
FerdieQO
harrygreen90
What should I change on the DirectAdmin control panel to make my server more secure?
Replies
10
Views
2,426
David Beroff
BlueLeaf
How to Secure Email Communication with an S/MIME Certificate?
Replies
0
Views
920
BlueLeaf
Chris Worner
Secure Plesk Onyx?
Replies
3
Views
2,386
bountysite
Philippe Gaucher
Directadmin vs Plesk - which one is more secure?
Replies
19
Views
7,332
isha

Latest postsNew threads

Latest Hosting OffersNew Reviews

Popular Contributors - Past 30 Days

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
  • cpanel
  • dedicated
  • free
  • hello
  • hosting
  • hosting services
  • marketing
  • offers
  • seo
  • server
  • services
  • vps
  • web
  • web hosting
  • website
  • wordpress
    • Top