How to Configure Customer Permissions and Access Levels in Plesk

As a reseller, you control which features and tools your customers can access through their service plans. Permissions determine what a customer can do in their Plesk panel — from managing DNS and SSL to changing PHP settings and accessing SSH. This guide covers understanding and configuring customer permissions.

Understanding Permission Levels

Permissions in Plesk are defined at the service plan level. When you create or modify a plan, you choose which features are available to customers assigned to that plan.

Key Permissions Explained

• Management of DNS zone: Allows customers to add, modify, and delete DNS records for their domains.
• Management of SSL/TLS certificates: Allows customers to install, manage, and configure SSL certificates.
• PHP settings management: Allows customers to change PHP versions and modify PHP configuration directives (memory_limit, upload_max_filesize, etc.).
• Access to the server over SSH: Allows SSH access to the server. Use with caution — only enable for trusted, technical customers.
• Scheduled tasks (cron jobs): Allows customers to create and manage cron jobs.
• File Manager: Allows customers to upload, edit, and manage files via the Plesk web interface.
• Log rotation: Allows customers to configure how often log files are rotated and archived.
• Web statistics: Allows customers to view traffic and visitor reports.
• Additional FTP accounts: Allows customers to create extra FTP users for their domain.
• Database management: Allows customers to create, modify, and delete MySQL databases and users.
• Mail management: Allows customers to create email accounts, set up forwarding, and configure spam filtering.

Configuring Permissions in a Service Plan

1. Log in to Plesk.
2. Go to Service Plans → Hosting Plans.
3. Click the plan you want to modify.
4. Go to the Permissions tab.
5. Enable or disable permissions by checking or unchecking the boxes.
6. Click OK to save.

Best Practices for Setting Permissions

• Basic/Starter plans: Enable File Manager, Mail management, and Web statistics. Disable SSH, PHP settings, and DNS management.
• Business plans: Enable everything except SSH. Allow PHP settings management and DNS management.
• Developer plans: Enable all features including SSH and advanced PHP settings.
• Never enable SSH for customers who do not need it. SSH access poses a significant security risk if misused.

Important Notes

• Permissions are applied at the plan level. All customers on the same plan have the same permissions.
• If a customer needs a specific permission that is not in their plan, you have two options: upgrade their plan or customise their subscription (which locks it from plan sync).
• Disabling a permission takes effect immediately for all synced subscriptions.
• Your hosting provider may restrict which permissions you can configure. Contact support if a permission is greyed out.

Troubleshooting

Customer cannot access a feature they need:

• Check the service plan permissions and enable the feature.
• If the subscription is locked, sync it with the plan to apply the permission.

A permission option is greyed out:

• Your hosting provider may have disabled this permission at the reseller level. Contact support to enable it.

Customer has SSH access but should not:

• Immediately disable SSH in their service plan and sync the subscription.
• Review all subscriptions to ensure SSH is only enabled where needed.