You can enhance security and reduce the chances of unauthorized access to Plesk by restricting administrative access. Anyone trying to log in to Plesk as an administrator from a disallowed IP address will see an error message. Restricting administrative access to Plesk does not prevent resellers or customers from logging in to Plesk, even from disallowed IP addresses.
Please note that restricting administrative access from a specific IP address does not block incoming connections to the server. It does not prevent, for example, attempts to connect via SSH or RDP. Make sure that the Plesk administrator password does not match the server's 'root' or 'administrator' user password.
If you notice suspicious activity originating from a specific IP address (for example, by reviewing Fail2Ban logs), you can prevent anyone using that IP address from having administrative access to Plesk.
To prevent administrative access to Plesk from specific IP addresses:
- Go to Tools & Settings > Restrict Administrative Access (under “Security”).
- Click Settings, select the “Allowed, excluding the networks in the list” radio button, and then click OK.
- Click Add Network and specify the IP address or addresses from which administrative access to Plesk must be blocked:
  - Individual IP addresses (for example, 192.168.1.110)
  - Subnets of IP addresses (for example, 123.0.0.1/16 or 123.123.*.*)
- Click OK.
Now, administrative access to Plesk is possible from all IP addresses except for those that you have explicitly disallowed.
The second option is more restrictive. It minimizes the chances of unauthorized access to Plesk, but may make it difficult to access Plesk from an unusual location (for example, if you need to access Plesk while traveling).
To limit administrative access to Plesk to specific IP addresses:
- Go to Tools & Settings > Restrict Administrative Access (under “Security”).
- Click Settings, select the “Denied from the networks that are not listed” radio button, and then click OK.
- Click Add Network and specify the IP address or addresses from which administrative access to Plesk must be allowed:
  - Individual IP addresses (for example, 192.168.1.110)
  - Subnets of IP addresses (for example, 123.0.0.1/16 or 123.123.*.*)
- Click OK.
Now, administrative access to Plesk is possible only from the IP address or addresses you have explicitly allowed.
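
Before saving either list, it helps to confirm how a given address (for example, your own) would be treated, so that you do not lock yourself out. The following is an added example, not Plesk code: it models the two settings and the three entry formats described above using standard subnet matching. The mode names and function names are hypothetical, and the sample addresses are constructed.

```python
import ipaddress

def parse_entry(entry):
    """Turn one list entry (single IP, CIDR subnet, or wildcard) into a network."""
    entry = entry.strip()
    if "*" in entry:
        octets = entry.split(".")
        if len(octets) != 4:
            raise ValueError(f"bad wildcard entry: {entry!r}")
        fixed = 0
        while fixed < 4 and octets[fixed] != "*":
            fixed += 1
        # Only trailing wildcards (123.123.*.*) correspond to a subnet.
        if any(o != "*" for o in octets[fixed:]):
            raise ValueError(f"wildcards must be trailing: {entry!r}")
        base = ".".join(octets[:fixed] + ["0"] * (4 - fixed))
        return ipaddress.ip_network(f"{base}/{8 * fixed}")
    # strict=False accepts entries with host bits set, such as 123.0.0.1/16.
    return ipaddress.ip_network(entry, strict=False)

def admin_access_allowed(client_ip, mode, entries):
    """Model the decision for an administrator login from client_ip.

    mode is a hypothetical label for the radio button chosen in Settings:
      "allowed_excluding_listed" -> "Allowed, excluding the networks in the list"
      "denied_unless_listed"     -> "Denied from the networks that are not listed"
    """
    addr = ipaddress.ip_address(client_ip)
    listed = any(addr in parse_entry(e) for e in entries)
    if mode == "allowed_excluding_listed":
        return not listed
    if mode == "denied_unless_listed":
        return listed
    raise ValueError(f"unknown mode: {mode!r}")

if __name__ == "__main__":
    # Constructed sample: an allowlist being prepared, and addresses to check.
    allowlist = ["192.168.1.110", "123.0.0.1/16", "123.123.*.*"]
    for ip in ["192.168.1.110", "123.0.77.5", "123.123.9.9", "203.0.113.7"]:
        ok = admin_access_allowed(ip, "denied_unless_listed", allowlist)
        print(f"{ip:15} -> {'allowed' if ok else 'denied'}")
```
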