Securing Plesk
This section describes the best practices and settings that can increase the security of your Plesk and, thus, protect it from various types of attacks and loss of sensitive data:
- Restricting Administrative Access
- Restricting Remote Access via Plesk API
- Setting Up the Password Strength Policy
- Setting up Multi-Factor Authentication in Plesk
- Changing the Plesk Administrator Username
- Using Secure FTP
- (Plesk for Windows) Custom Handlers Policy
- SSL/TLS and Shared IP Addresses
- Securing Plesk and the Mail Server With SSL/TLS Certificates
- (Plesk for Linux) Hardening Server Connections Using DANE
- (Plesk for Windows) Configuring Centralized SSL Certificate Support in Plesk
- Protecting Against Clickjacking
- Protecting Against Open Redirect
- Mitigating the Symlinks Vulnerability
- Mitigating the vulnerability
- PCI DSS Compliance
- NIS2 Directive Compliance
- Security.txt Standard Compliance