Reputation: 1477
How to secure Plesk Admin Panel?
I want to know how to secure the Plesk admin panel.
In fact, for acces to this admin panel, you must use this link : https://<server ip address>:8443
But there is no security, https is not activate, there is no recaptcha so hacker can use brute force ..
Have you any tips to secure all that ?
Thank you
Upvotes: 2
Views: 1035
Answers (1)
Reputation: 10312
Since Plesk 12 there is a fail2ban* with "plesk-panel" jail which block password bruteforce attacks on admin panel.
Also you can install "Google Authenticator" to add two-factor authorization and "Clef Authentication" extension which replace plesk auth to auth with mobile phone. Also there is old school "Restrict Administration Access" which just allows authorization for admin user(only) from white list of IP addresses
* - fail2ban may be not installed or there is license restriction(check "License management" page for "fail2ban" option)
Upvotes: 1
Related Questions
- How can I prevent SQL injection in PHP?
- How can I sanitize user input with PHP?
- How do you parse and process HTML/XML in PHP?
- How do I get a YouTube video thumbnail from the YouTube API?
- Secure hash and salt for PHP passwords
- How do I check if a string contains a specific word?
- If you can decode JWT, how are they secure?
- How does PHP 'foreach' actually work?
- How do I get PHP errors to display?
- How should I ethically approach user password storage for later plaintext retrieval?