Plesk or cPanel is now the most common server administration panel. After purchasing a dedicated server, you won’t face any challenges if you’re an experienced system administrator. However, if you’re just getting started in system administration, comprehending everything may not be easy. So, in order to handle job maintenance and security, you’ll want a cPanel or plesk server management Panel.
Now there’s a reasonable probability you’ll lose control of your server if it’s hacked or goes down. Therefore, we’ve compiled a list of Plesk server control security recommendations.
Mod Security
The most prevalent reason for web server hacking is buried behind the widely used content management system. It’s possible to break into a WordPress or Joomla site. According to System Admins, you should absolutely enable the ModSecurity functionality on your server as a user.
Server administration tasks such as installing Mod Security are frequent. The Plesk server control interface makes it simple. Make sure you set it up correctly. The first step is to go to Tools and Settings and open the configuration panel. Select Web Application Firewall after that. Use the Atomic Basic ModSecurity Rule Set for detection only in firewall mode.
Let’s Encrypt
The Let’s Encrypt extension can be installed on your website if it still uses HTTP rather than HTTPS, as recommended by Google. Plesk’s server administration panel has an ‘Extensions’ menu item where you may download and install the extension. For the first 90 days, it’s yours free of charge.
Fail2Ban
You may use Fail2Ban to examine log files and ban IPs that appear suspicious. Particularly suspect are those with an unusually high number of unsuccessful SMTP auth / FTP attempts, exploits searches, and the like. The Fail2Ban firewall module adds predefined filters to make the firewall stronger. As a result, your client’s website and server are better protected. SSH, log scanning, and postfix are three of the most essential Fail2Ban filters that should be active at all times.
Setting up a mail server
To ensure that your client does not become a spam victim, you must configure your mail server settings. You may limit the number of outgoing messages, restrict Sendmail use, and enable DNS blackhole listings for spam prevention. The official Plesk Mail Server Configuration documents are a great place to evaluate all of your configurations.
Firewalls
The first time you log in, you may not be able to access Tools & Settings to change your firewall settings. This is normal. The Plesk server control panel does not come pre-activated with this feature in most circumstances. One of the many server maintenance responsibilities is to install and enable a firewall with a basic set of rules. Please install and activate it as soon as you log in to your control panel.
Backup
A system administrator’s best buddy is backup. Your website can only be recovered if you keep frequent backups of it. Plesk server administration panel may be restored using these backups. So, don’t worry if you make a mistake when installing or configuring modules, extensions, or other components.