If the Plesk administrator password is compromised, unauthorized individuals could gain access to Plesk, potentially causing damage to the server and hosted websites. To enhance security and minimize the risk of unauthorized access, you can restrict administrative access to Plesk by specifying allowed or disallowed IP addresses.

### Restricting Administrative Access

**1. Prevent Access from Specific IP Addresses:**

This option is more permissive. It allows access from all IP addresses except those you specify. Use this if you notice suspicious activity from certain IP addresses and want to block them from accessing Plesk as an administrator.

- **Log in to Plesk.**

- **Navigate to** `Tools & Settings` > `IP Access Restriction Management` (under “Security”).

- **Click** `Settings`, select the “Allowed, excluding the networks in the list” radio button, and then click `OK`.

- **Click** `Add Network` and specify the IP address(es) you want to block:

  - Individual IP addresses (e.g., 192.168.1.110)

  - IP subnets (e.g., 123.0.0.1/16 or 123.123.*.*)

- **Click** `OK`.

Now, administrative access is allowed from all IP addresses except the ones you’ve blocked.

**2. Limit Access to Specific IP Addresses:**

This option is more restrictive. It only allows access from IP addresses you explicitly specify, reducing the risk of unauthorized access but possibly making it difficult to access Plesk from varying locations.

- **Log in to Plesk.**

- **Navigate to** `Tools & Settings` > `IP Access Restriction Management` (under “Security”).

- **Click** `Settings`, select the “Denied from the networks that are not listed” radio button, and then click `OK`.

- **Click** `Add Network` and specify the IP address(es) you want to allow:

  - Individual IP addresses (e.g., 192.168.1.110)

  - IP subnets (e.g., 123.0.0.1/16 or 123.123.*.*)

- **Click** `OK`.

Now, administrative access is allowed only from the IP addresses you’ve specified.

### Important Notes

- **Restricting access from specific IP addresses** does not block other types of connections, such as SSH or RDP.

- **Avoid password overlap**: Ensure that the Plesk administrator password is not the same as the server’s ‘root’ or ‘administrator’ user password.

- **Be cautious with IP restrictions**: You may accidentally lock yourself out if you don’t include your own IP address. Plesk will notify you if your current IP address is restricted.

If you accidentally lock yourself out of Plesk, refer to the relevant knowledge base article for recovery steps. You can also edit or remove restricted IP addresses by selecting them in the list, making changes, and confirming the updates.