Today, the most popular server management panel is either Plesk or cPanel. If you’re an expert system admin, you won’t have any obstacles after you purchase your dedicated server. But if you’re new to system administration, it may be hard to wrap your mind around it all. So you’ll need a cPanel or Plesk Server Management Panel in order to take care of task maintenance and security.
Now if someone hacks your server or it breaks down, there’s a high chance you may lose control over it. So to help you avoid that, we compiled a list of Plesk server management panel tips.
1. Mod Security
The most common reason for web server hacking is hidden behind our popular CMS. WordPress or Joomla platforms are vulnerable to hacks. So if you’re a user, System Admins recommend that you definitely enable the ModSecurity feature on your server.
Installing Mod Security is a routine operation related to server management. You can do it easily through the Plesk server management panel. Once you log in, click on Server Management on the left. Then choose Tools & Settings and click on Updates and Upgrades on the right side. Log in with your root credentials and click on Add/Remove components. Select ModSecurity Web Application Firewall for Apache under Plesk hosting features and install it.
Make sure you configure it too. First access the configuration panel from Tools and Settings. And then select Web Application Firewall (ModSecurity). Enable Detection only in firewall mode and use the Atomic Basic ModSecurity Rule Set. Make sure you also use the Fast Predefined set of values and enable Update Rule Sets once every week.
2. Let’s Encrypt
If your website still runs on http instead of https, promoted by Google, you can get the Let’s Encrypt extension. This you can install from ‘Extensions‘ in the Plesk server management panel. And you can use it for free for 90 days. After this period, you will get a notification to regenerate the certificates once again.
With Fail2Ban, you can scan the log files and ban suspicious IPs. Especially suspicious ones involving too many smtp auth / ftp failed attempts, exploits search, and so on. Fail2Ban is a super useful module that strengthens the firewall by adding predefined filters. Hence further protecting your client’s website and server. The most useful Fail2Ban filters that you should keep enabled at all times are SSH, log scanning, postfix, and mod_security.
4. Mail Server Settings
Configuring your mail server settings is ultra important to protect your client from becoming a victim of spam. And you also ensure that your client can’t spam other people too! You can select outgoing messages limitations, restrict sending emails using Sendmail, and activate spam protection based on DNS blackhole lists. Plus, you can review all your settings in the official Plesk Mail Server Configuration docs.
Don’t get surprised if you cannot access firewall settings in Tools & Settings the first time you log in. In most cases, it doesn’t come pre-activated with the Plesk server management panel. Installing and enabling firewall with a basic set of rules is also one of the many server management priorities. Make sure you install it and enable it the moment you log into the control panel.
Backup is a system admin’s best friend. And the most important action in server management. If you want to make your website 100% retrievable, you have to keep regular backups. These backups can help you restore the Plesk server management panel to its previous state. So you can relax even if you mess something up with modules, extensions and component installations and configurations.
The most efficient way to back up, in terms of disk space and time, is to keep incremental backups. Make sure you have at least 2 to 4 snapshots of your website at all times. You can easily set this up by accessing Tools & Settings > Backup Manager in the Plesk server management panel.
Trying Plesk Server Management Panel for size?
We hope we’ve helped improve your server management efforts. Follow these tips to make your server and website less vulnerable to attacks. Adopt a healthy backup practice and make user-connections to the website more secure (https). Plus you can make sure you won’t become blacklisted as a spammer. And if you need an all-purpose panel – try Plesk on for size. It may be a great fit.