If the Plesk administrator password is compromised, a third party can
access Plesk and damage the server and the hosted websites. You can
enhance security and reduce the chances of unauthorized access to Plesk
by restricting administrative access.
In Plesk, you can either block administrative access from one or more
specific IP addresses, or allow administrative access only from one or
more specific IP addresses. Anyone trying to log in to Plesk as an
administrator from a disallowed IP address will see an error message.
Restricting administrative access to Plesk does not prevent resellers or
customers from logging in to Plesk, even from disallowed IP addresses.
Note: Restricting administrative access from a specific IP address does not
block incoming connections to the server. It does not prevent, for
example, attempts to connect via SSH or RDP. Make sure that the Plesk
administrator password does not match the server’s ‘root’ or
‘administrator’ user password.
The first option is more permissive. If you notice suspicious activity
originating from a specific IP address (for example, by reviewing
Fail2Ban logs), you can prevent anyone using that IP
address from having administrative access to Plesk.
To prevent administrative access to Plesk from specific IP addresses:
- Go to Tools & Settings > Restrict Administrative Access (under “Security”).
- Click Settings, select the “Allowed, excluding the networks in the list” radio button, and then click OK.
- Click Add Network and specify the IP address or addresses from which administrative access to Plesk must be blocked:
  - Individual IP addresses (for example, 192.168.1.110)
  - Subnets of IP addresses (for example, 123.0.0.1/16 or 123.123.*.*)
- Click OK.
Now, administrative access to Plesk is possible from all IP addresses
except for those that you have explicitly disallowed.
The second option is more restrictive. It minimizes the chances of
unauthorized access to Plesk, but may make it difficult to access Plesk
from an unusual location (for example, if you need to access Plesk while
traveling). Limiting administrative access to specific IP addresses is
also likely to disrupt your ability to manage Plesk via Plesk
Mobile, as mobile phones usually do not have static IP
addresses.
To limit administrative access to Plesk to specific IP addresses:
- Go to Tools & Settings > Restrict Administrative Access (under “Security”).
- Click Settings, select the “Denied from the networks that are not listed” radio button, and then click OK.
- Click Add Network…
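To make the two modes concrete, here is an added Python model (example code written for this page, not Plesk's own code or API) that parses the three list-entry notations described above (single address, CIDR subnet, trailing-wildcard octets) and decides whether an administrator login from a given client address is permitted under either mode. The mode names, function names, the IPv4-only scope and the rule that wildcard octets must be trailing are this example's assumptions.

```python
import ipaddress
from typing import Iterable

# Assumed labels for the two radio-button modes on the Plesk settings page.
MODE_ALLOW_EXCEPT = "allowed_excluding_listed"  # "Allowed, excluding the networks in the list"
MODE_DENY_UNLISTED = "denied_unless_listed"     # "Denied from the networks that are not listed"


def parse_network(entry: str) -> ipaddress.IPv4Network:
    """Parse one list entry: 192.168.1.110, 123.0.0.1/16 or 123.123.*.*.

    Wildcard octets are assumed to be trailing (123.123.*.*), so they map
    to a /8, /16, /24 or /32 prefix. Malformed entries raise ValueError.
    """
    entry = entry.strip()
    if "*" in entry:
        octets = entry.split(".")
        if len(octets) != 4:
            raise ValueError(f"bad wildcard entry: {entry}")
        fixed = []
        for octet in octets:
            if octet == "*":
                break
            fixed.append(octet)
        if any(o != "*" for o in octets[len(fixed):]):
            raise ValueError(f"wildcards must be trailing: {entry}")
        address = ".".join(fixed + ["0"] * (4 - len(fixed)))
        return ipaddress.IPv4Network(f"{address}/{8 * len(fixed)}")
    # strict=False lets a host address with a mask (123.0.0.1/16) denote
    # its subnet (123.0.0.0/16), as the page's example does.
    return ipaddress.IPv4Network(entry, strict=False)


def admin_access_allowed(client_ip: str, mode: str, networks: Iterable[str]) -> bool:
    """Return True if an administrator login from client_ip is permitted.

    In MODE_ALLOW_EXCEPT the list is a blocklist; in MODE_DENY_UNLISTED it
    is an allowlist. Reseller and customer logins are not modelled, since
    the page says the restriction does not apply to them.
    """
    ip = ipaddress.IPv4Address(client_ip)
    listed = any(ip in parse_network(n) for n in networks)
    if mode == MODE_ALLOW_EXCEPT:
        return not listed
    if mode == MODE_DENY_UNLISTED:
        return listed
    raise ValueError(f"unknown mode: {mode}")


if __name__ == "__main__":
    # Constructed sample: block one host and one wildcard subnet.
    print(admin_access_allowed("123.123.5.6", MODE_ALLOW_EXCEPT, ["192.168.1.110", "123.123.*.*"]))
```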