Using SFTP(Secure FTP) in Plesk
Secure FTP is more secure than FTP since it uses the SSH protocol. Shell access must be enabled for each Plesk user for each account.
In the setup page select /bin/bash(chrooted) under the Shell access to server with FTP user’s credentials. This user will now be able to login over SFTP. Remember to change the port in your FTP client. If you are sure you don’t want users to login over standard FTP you can also block this port via the Firewall module in Plesk
The following rules would apply:
Deny incoming from all on ports 21/tcp, 21/udp
You can further secure your FTP server if you have a static IP by allowing access only from that IP. If the static IP is 10.1.1.2 your rules would be:
Allow incoming from 10.1.1.2
Deny incoming from all others
Installing your SSL Certificate / Web Server Certificate / Secure Server Certificate in Ensim
Your certificate will be sent to you by email after you get that from SSl providers. The email message includes the web server certificate that you purchased in the body of the email message.
Copy the certificate from the body of the email and paste it into a text editor (such as notepad) to create text files. Name this file yourdomain.txt and save it in a convenient place.
These instructions apply for both Ensim Pro and Ensim 3.x.
1. Click SSL Settings - access to this link may differ depending on your version of Ensim:
If you are running Ensim Pro. In the shortcuts section of the Home page, click SSL Settings in the Web Server section:
Or if you are running Ensim 3.x, click the Services link on the left, then click the Edit button for the Apache Web Server service:
2. Then in the Apache Web Server Manager click the SSL Settings link.
Select Import at the bottom of the SSL Settings form.
3. Copy the contents of yourdomain.txt and paste it into the Certificate text box
Be sure to include —–BEGIN CERTIFICATE—– through —–END CERTIFICATE—–
4. Select Save.
5. To make security effective on your domain, restart the Web server. The domain is not secure until you do so.
Test your certificate by using a browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP. Note: The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL.
To make a domain secure Web content available in Plesk
After migration, secure Web content (available via the https protocol) become unavailable. The reason is that in Parallels Plesk Panel, secure Web content can be stored either in a directory different from the directory with common Web content (default option), or in the same directory.
To make a domain secure Web content available, enable the Use a single directory for housing SSL and non-SSL content option.
Go to the domain Home page > Web site: Web Hosting Settings > Preferences: Use a single directory for housing SSL and non-SSL content checkbox.
