Any zero-day Plesk vulnerabilities could affect thousands of sites across multiple servers, so administrators should stay updated on the latest Plesk advisories.Īs an example of what can happen with a Plesk zero-day, in 2012, a vulnerability in the hosting platform allowed attackers to extract the master password used by hoster administrators to manage all websites on the server. Why Plesk Security Hardening is Importantīecause a hoster might have hundreds of sites on one server, compromised Plesk could mean it affecting hundreds of customers.
As you can see, some of these extensions offer security protection, but they do not offer a full solution that will assure protection from all attack types. A few examples are Docker support, SEO Toolkit, Git support, Developer Pack, Servershield by CloudFlare, and KernelCare.
Plesk supports extensions to its base code - that can be used to add other functionality to customer sites.
It supports database engines such as MySQL, PostgreSQL, and Microsoft SQL Server and web hosting applications such as Apache Tomcat Java and ColdFusion. Because most hosting customers work with these CMS applications, installing Plesk makes it easier for customers to manage their sites and hosting providers to oversee them. What makes Plesk attractive to hosters and their customers is its integration with common content management systems (CMS) applications such as WordPress, Joomla, and Drupal. It’s best for hosting providers who offer virtual private server (VPS) and dedicated server options to customers. Plesk is one of the most popular tools along with cPanel, but Plesk is often used in environments where multiple operating systems and platforms are offered as hosting options.
To help website owners manage their sites, hosting administrators install platforms and management tools so that customers can customize their site to meet their business needs.