While Plesk offers many potential benefits to website administrators, including compatibility with Windows Server and other leading technologies, the company has also been working to differentiate it from other control panels for content management system (CMS) users. The headline product of those efforts is the Plesk WordPress Toolkit, a comprehensive integration which organizes and simplifies many processes for setting up and maintaining WordPress websites. The toolkit is widely used, and is installed on almost two-thirds of Plesk servers, according to a ZNetLive blog post.
WordPress is the world’s most popular CMS, and powers a staggering 28.5 percent of all sites on the internet, for a market share of nearly 60 percent according to w3techs. It is used by bloggers, entrepreneurs, small businesses, media companies, and enterprises to grow their audiences and engage with customers.
There are two versions of the Plesk WordPress Toolkit available. The SE (Special Edition) version is included with Plesk Web Admin Edition, and meant for use by site and server administrators. The full version is included with Plesk Web Pro Edition and Plesk Web Host Edition. The difference is that some of the advanced features in the full edition, such as cloning and syncing instances and staging environments are not included in WordPress Toolkit SE. With the special edition, updates are manual rather than automatic, and while the Toolkit does include 1-click hardening (more on that below), it only does so for instances which it has been used to install.
The Plesk WordPress Toolkit is designed for easy installation and use. It takes two clicks to install WordPress; one to choose the “Domains” menu under “Hosting Services,” and one on “Install WordPress,” toward the left side of the Domains options. The Toolkit is found on the “Extensions” page, which is seen under “Server Management” on the menu. There it is the first option among the “Featured” extensions on the right side of the window.
There are several key security features of the toolkit, including 1-click hardening through the security check feature. Hardening is defined by the University of Colorado’s Office of Information Technology as a process which “works to eliminate means of attack by patching vulnerabilities and turning off inessential services. Hardening a computer involves several steps to form layers of protection.”
In the Plesk WordPress Toolkit, hardening improves security by applying concepts like the “least privilege principle” and “defense in depth,” testing a number of known and potential attack vectors, reducing risks and attack surface, and layering controls.
To check WordPress security in Plesk Onyx Web Pro Edition, click “WordPress” under “Server Management” in the menu on the left side of the screen, and then from the “Installations” tab selecting those instances that should be checked, or all. When the user clicks “Check Security,” Plesk scans for the WordPress characteristics that hackers most often use in attacks on websites, such as a label indicating which release of WordPress the website uses, the default “wp_” prefix for database tables, and the privileged default “admin” username.
In addition to assessing each element as secure or in need of attention, the tool also identifies those changes that can be rolled back, and those that may affect plugin performance.
The security check can also be activated from the “Domains” page under “Hosting Services” in the side menu. Clicking on a domain name brings up the option in the “My CMS” section of the window.
Updating WordPress versions and plug-ins is critical to maintaining website performance and security, but can be time consuming and sometimes difficult to keep up with for administrators.
Like “Check Security,” “Auto-Update” is found toward the top of the “Installations” tab on the WordPress toolkit page. This brings up a page with options for setting up automated major and minor updates, only minor updates, or turning off auto-update for each or every WordPress instance.
The Plesk WordPress Toolkit also integrates most common management functions.
Just like “Installations,” the Toolkit simplifies management of plugins and themes by giving them their own tab, with each allowing administrators to install and uninstall, activate, deactivate, and update them.
The full version also includes several advanced management functions. Websites can be switched to maintenance mode to make changes, debugging tools are available for testing and development, and search engine indexing can be turned off or limited.
Many Other Features
There are numerous other tools and integrations in the Plesk WordPress Toolkit. Along with the quick and easy installation of WordPress instances described above, migrating and cloning instances is simplified, with buttons found by scrolling to the far right of each installation. Administrators can choose to synch files, databases, or both.
Other advanced functions in the full version of the toolkit include a staging environment for testing and development in an exact copy of your production environment.
Reducing Problems, Saving Time
The same motivations that lead website owners and administrators to choose WordPress are reasons to use the Plesk WordPress Toolkit. WordPress allows its users to present their content in an attractive, effective, secure and customized way without developing it from scratch, providing a high level of functionality. Site changes are made according to business needs, rather than according to IT production cycles and capability.
Administrators, resellers and customers love the wide range of sites they can create, and plugins they can customize them with. Making changes that are simple for a single site may be time consuming and complex for those running multiple sites, however. Managing WordPress functions from within the control panel with the Plesk WordPress Toolkit extends the ease of use it is famous for, and provides Plesk hosting customers with the tools to make the most of the leading content management system.