Are there any tips for keeping Plesk secure?
The general rule for securing Plesk is to make sure the latest updates are installed. The topics below are also useful.
1. Go through the following articles and documentation:
- 213932745 Which ports need to be opened for all Plesk services to work with a firewall?
- 213956845 Configure Passive FTP port range on Windows Server
- 213902285 Configure Passive FTP port range on Linux Server
- Plesk Administrator's Guide Protection Against Brute Force Attacks (Fail2Ban)
- Plesk Administrator's Guide Web Application Firewall (ModSecurity)
2. Do not forget to check the Securing Plesk section of the Administrator's Guide. Topics covered in this section include the following:
- Restricting Administrative Access
- Setting Up the Minimum Password Strength
- Enhanced Security Mode
- Using Secure FTP
- SSL protection
3. Linux users may also check the advanced documentation pages on Plesk for Linux security: Enhancing Security. This documentation covers the following topics:
- Restricting script execution in the
- Configuring site isolation settings
- Protecting users from running tasks on behalf of root
4. If you plan to set up PCI DSS compliance, this document is worth reading: Meeting PCI DSS Requirements for Plesk
5. It is recommended to be aware of these issues:
- 115000652909 FTP users have access to root directory on server
- 115000662365 SLAAC Attack - 0day Windows Network Interception Configuration Vulnerability
- 213366809 Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
6. These articles may also be useful in certain scenarios:
- 213949585 How to run Rootkit Hunter with the update option?
- 213378209 [Security] Defending against an SYN-Flood (DOS) Attack
- 213943405 [Info] How to ensure that Apache does not allow the SSL 2.0/SSL 3.0 protocol
- 213943625 [How to] RKHunter warning improvement
- 213380789 How to prevent Plesk from brute-force attacks
- 213913725 How to set up a file audit on Windows server
Note. Feel free to subscribe to updates to this article in order to keep track of new security issues.