English (US) 日本語
Submit a request

Technical question Licensing question
Sign in

MySQL fails to start when a Plesk server lacks disk space: SQLSTATE[HY000] No space left on device 500 Plesk\Exception\Database
Unable to access Plesk Onyx 17.5.3 or Plesk Onyx 17.8.11: The file /opt/psa/admin/htdocs/application.php is part of Plesk distribution. It cannot be run outside of Plesk environment.
Service Plan can not be opened for editing in Plesk: Argument 1 passed to isFpmDedicatedHandler() must be of the type array, null given
[BUG] - Unable to access the Scheduled tasks from Dev Tools as Reseller in Plesk: Permission denied
Unable to log in to Plesk after update to version 18.0.40: Lock Manager error: 'getrandom'.
Plesk Update Manager fails on the RHEL-based OS of version 8.5: 'NoneType' object has no attribute 'run_sack'
How to hide/change the link "What username and password to use?" on the Plesk login page
How to change the default state of the sidebar to be opened in Plesk 18.0.39 interface
Plesk migration or the "plesk repair web" command fails: PHP Fatal error: Uncaught Error: Class 'GuzzleHttp\Promise\Create' not found in functions.php
Unable to change the type of an IP address in Plesk for Windows Server: Cannot connect to the task manager (plesk-task-manager service might not be running)

See more

Is it possible to configure multi-factor authentication to access Plesk?

Yaroslav Tarasov

Updated July 29, 2021 09:35

Plesk kb: how-to ABT: Group B

Applicable to:

Plesk

Question

Is it possible to configure multi-factor authentication to access Plesk?

Answer

Yes, it is possible to configure multi-factor authentication: Authentication Schemes In Plesk – Just Say No To Passwords
Please note that multi-factor authentication measure is intended only for Plesk web interface. It does not apply to API or Plesk Mobile App. Since mobile application uses XML-RPC API requests to communicate with Plesk server you can enhance security by disabling API at all or limiting it to specific IP addresses using article How to restrict Plesk XML API?

Comments

3 comments

Dennis Am July 26, 2019 12:12

Could you please update this article, mentioning that multi-factor authentication only applies to the web interface, and not to the REST API + Plesk Mobile App? Thanks in advance :)

0

Comment actions Permalink
Denis Bykov August 05, 2019 23:28

@Dennis Am

Thank you for noticing! The article was updated.

1

Comment actions Permalink
Ehud Ziegelman November 12, 2020 17:42
MFA is not supported on mobile, ability to add this we consider as a feature request. But since MFA is not supported we do confirm as a bug the fact that MFA screen shown at all, it should be disabled. Request ID to hide it is PMBL-562.

Mobile application uses XML-RPC API requests to communicate with Plesk server. If you want to enhance security you may either disable API at all or limit it to specific IP addresses. To do so, add the following entries to the panel.ini file.
- To prohibit all connections via XML API:
  [api]
  enabled = off
- To allow connections via XML API only from specific IP addresses:
  
  [api]
  
  allowedIPs = 203.0.113.2,192.0.2.2
0

Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request