Security
Your security is our priority
We've built multiple layers of protection into Ploi so you can manage your servers with confidence. From two-factor authentication to login history — your account stays locked down.
Security at a Glance
Multiple layers of protection
Every Ploi account comes equipped with a comprehensive set of security features to keep your servers and data safe.
Two-factor authentication
Add an extra layer of protection with TOTP-based two-factor authentication. Verify your identity every time you log in.
IP address lock
Restrict account access to specific IP addresses. Unknown locations require email verification before granting access.
Login history
Monitor every login attempt with detailed history including IP addresses, locations, and timestamps to spot suspicious activity.
Password change alerts
Get notified instantly via email whenever your account password is changed, so you can act immediately if it wasn't you.
SSH key authentication
Manage SSH keys directly from your dashboard. Securely connect to your servers without password-based authentication.
Team permissions
Granular role-based access control for your team. Decide exactly who can access what across your servers and sites.
Account Protection
Two-factor authentication
Two-factor authentication is a proven method to secure your account properly. Download an authenticator app, scan the QR code, and verify it right away.
Each time you log in, you will be asked to enter a token before you get access to your account. This ensures that even if your password is compromised, your account remains safe.
Advanced Protection
IP address lock
Want to go even stricter? Enable IP lock to only allow specific IP addresses to access your account.
Whenever you log in from a new location, you'll receive an email containing a unique code to unlock your account on the unknown IP address. Combine this with two-factor authentication for maximum security.
Instant Alerts
Password change notifications
When your account's password gets updated, you'll receive an email notification immediately letting you know a change has happened. If it wasn't you, you can take action right away.
Full Visibility
Login history
Keep track of every login to your account. View detailed information including IP addresses, browser details, and timestamps to quickly identify any suspicious activity.
Verified Communications
BIMI verified mark certificate
Every email from Ploi is authenticated with a BIMI Verified Mark Certificate, so you can always trust that our emails are legitimate.
Blue checkmark
Verified in your inbox
When you receive an email from Ploi, you'll see our verified logo alongside a blue checkmark in supported email clients like Gmail, Apple Mail, and others.
This means our emails are authenticated using DMARC, DKIM, and SPF — combined with a Verified Mark Certificate (VMC) that proves our brand identity. It's an extra layer of trust so you always know it's really us.
-
DMARC enforced email authentication
-
DKIM & SPF validated sending
-
Verified Mark Certificate (VMC)
-
Branded logo in supported email clients
to me
Your deployment was successful
Your site example.com has been deployed successfully from branch main. All health checks passed.
Infrastructure
Server-level security built in
Every server provisioned through Ploi is automatically configured with security best practices.
Firewall configuration
Automatic firewall setup with sensible defaults. Manage rules directly from your dashboard.
Free SSL certificates
One-click Let's Encrypt SSL certificates with automatic renewal. Keep your sites secure with HTTPS.
Automatic updates
Unattended security updates keep your server patched against the latest vulnerabilities automatically.
Encrypted backups
Database and site backups are encrypted and can be stored on external providers like S3, Wasabi, or DigitalOcean Spaces.