Articles on: Hosting

How to Apply Security Measures in Plesk

Keeping your websites secure is essential to prevent vulnerabilities, data breaches, and unauthorized access.

Plesk simplifies this with the Critical Security Measures feature — a one-click tool that applies key hardening steps to your hosting environment automatically.

This article explains how to access, apply, and if necessary, revert these measures from the Websites & Domains section in Plesk on your Thamara.cloud hosting account.



Step 1 – Log in to Plesk

Log in to your Plesk Control Panel via your Thamara.cloud account or directly through:

[https://yourdomain.com:8443]()

Use the credentials provided in your hosting welcome email.


Step 2 – Go to Websites & Domains

After logging in, click on the Websites & Domains tab in the left-hand sidebar.

This section lists all your hosted domains.



Step 3 – Select the Domain You Want to Secure

Choose the domain you want to apply security measures to (for example, thamara.info),

then expand its panel to reveal management options.



Step 4 – Locate the Security Section

Scroll down to the Security section within the domain panel.

Here, you’ll find key options such as:

  • Let’s Encrypt (SSL certificates)
  • Vulnerabilities
  • Critical security measures applied



Step 5 – Apply Critical Security Measures

Click the link labeled Critical security measures applied.

You’ll see a list of available security options.

Plesk allows you to apply each measure individually or select all recommended measures at once for full protection by pressing security measures check box.

These measures typically include:

  • Enabling SSL/TLS for your domain
  • Fixing unsafe file and directory permissions
  • Disabling risky PHP functions
  • Enforcing secure PHP and WordPress settings
  • Applying server-level security best practices


Note: You can review and adjust each setting before applying changes.

This process is safe and will not affect your website’s content or data.



Step 6 – Confirm the Status

Once the measures are applied, the status will display:

Critical security measures applied

This means all recommended hardening steps are now active for that domain.



Step 7 – How to Revert to Default Settings

If you need to undo the applied critical security measures or restore default configurations, follow these steps:

  1. Open the Websites & Domains section in Plesk.
  2. Select your domain and expand its panel.
  3. Go to the Security area.
  4. Click on Critical security measures applied again.
  5. In the popup window, select Revert changes or Restore default security settings.
  6. Confirm your action.


Important:

Reverting to default will disable some enhanced security rules.

Only revert if you fully understand the impact or under guidance from Thamara.cloud Support.



Best Practices After Applying Security Measures

  • Recheck this section monthly or after updates.
  • Keep WordPress core, plugins, and themes updated.
  • Enable automatic updates where possible.
  • Maintain a valid SSL certificate at all times.
  • Run periodic malware and vulnerability scans.


Summary

Applying Critical Security Measures in Plesk is one of the easiest ways to harden your website instantly.

By using this one-click feature in Thamara.cloud, you enhance protection, reduce risks, and ensure compliance with security best practices.

If you ever need to undo or adjust these measures, you can safely revert them using the built-in restore option.

Need help? Contact Thamara.cloud Support for expert assistance with advanced Plesk security configurations.

Updated on: 12/11/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!