Securing plesk with user/password dialog
If you want to add additional security to your plesk installation (this method is not working for all plesk versions) it is possible to use a .htaccess-like user/password dialog. Plesk uses sw-cp-server as a webserver. You have to edit the plesk.socket.sh script which starts the server. Insert the following lines in /etc/sw-cp-server/applications.d/plesk.socket.sh after the fastcgi section. The path to .htpasswd surely can be changed to whatever you want and the user running the shell-script has access to.
# Limit access to Admin auth.backend = "htpasswd" auth.backend.htpasswd.userfile = "/path/to/.htpasswd" auth.require = ( "/" => ( "method" => "basic", "realm" => "your realm name", "require" => "valid-user" ), )
After adding the additional lines to the shell-script you have to include the module “mod_auth” at the first line in /etc/sw-cp-server/applications.d/plesk.conf. Then create a .htpasswd file at the specified path and add the user/password combination with the htpasswd-command. The last step is a restart of the sw-cp-server: