Plesk security best practices


2016-11-16 12:59:11 UTC


2017-08-13 06:18:59 UTC


Was this article helpful?

Have more questions?

Submit a request

Plesk security best practices

Applicable to:

  • Plesk


Are there any tips for keeping Plesk secure?


A general rule to secure Plesk is to make sure the latest updates are installed. Also, check more useful topics bellow.

1. Go through the following articles and documentation:

2. Do not forget to check the Securing Plesk section of the Administrator's guide. Topics covered in this section include the following:

  • Restricting Administrative Access
  • Setting Up the Minimum Password Strength
  • Enhanced Security Mode
  • Using Secure FTP
  • SSL protection

3. Linux users may also check the advanced documentation pages related to Plesk for Linux security: Enhancing Security . This documentation covers the following topics:

  • Restricting script execution in the /tmp directory
  • Configuring site isolation settings
  • Protecting users from running tasks on behalf of root

4. If case of planning to set up PCI DSS Compliance, this document is worth reading: Meeting PCI DSS Requirements for Plesk

5. It is recommended to be aware of these issues:

  • 115000652909 FTP users have access to root directory on server
  • 115000662365 SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability
  • 213366809 Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability

6. These articles may also be useful in certain scenarios:

  • 213949585 How to run Rootkit Hunter with the update option?
  • 213378209 [Security] Defending against an SYN-Flood (DOS) Attack
  • 213943405 [Info] How to ensure that Apache does not allow the SSL 2.0/SSL 3.0 protocol
  • 213943625 [How to] RKHunter warning improvement
  • 213380789 How to prevent Plesk from brute-force attacks
  • 213913725 How to set up a file audit on Windows server

Note. Feel free to subscribe to updates to this article in order to keep track of new security issues.

Have more questions? Submit a request
Please sign in to leave a comment.