The Hosting Parameters page configures which technologies will be allowed to run for a particular subscription, including which statistics processor is used by default. Before proceeding any further, click the "apply secure settings preset" link on the page. Not many items will change when you do, but it gives a good set of defaults to start from.
This setting may seem silly at first, but it is possible to disable all web hosting for a domain and serve email only instead. This may be a useful item at some point if you are making a Hosting Plan for email-only customers. However, we plan on hosting WordPress on our server under this Hosting Plan, so we'll leave this setting enabled.
Hard disk quota
Earlier, we configured the "Disk space" setting in the Resources tab, which is a soft limit on the amount of space an entire domain can take up. Here, we can set a hard limit on the amount of space the user account itself can have on the server. This limit cannot be exceeded, and when it is reached the user will receive a "no more space left on device" message even though there is plenty of space left on the disk. We can set this limit in order to prevent any one user from filling up the entire hard drive, which is a very large security benefit. Again, logs and backups to not count towards this limit, so this is not an absolute limit on the size of all the data in the account - just the parts the user has control over. To give our users the ability to fix a disk space issue, we will set this to 2GB (2 \* 1024 = 2048 MB).
Unlike most panels, Plesk allows your customer to purchase and install their own SSL certificates on their account if they have a dedicated IP address. If you know that a domain will never need SSL, you can choose to turn off support for it, but it won't hurt anything to leave it on. We will be using SSL for our website, so we will need to leave this option turned on.
Here we can set which web statistics engine subscriptions under this Hosting Plan will use. Since we set "Web statistics management" in the Permissions tab, anything we set here is simply considered a default. Choose the statistics software you prefer. You may also choose to allow access to the statistics via a password-protected directory, but do not do this unless you have a real need for it because it is a potential security risk.
Custom error documents
A custom error document is a page that a website will show in place of the standard "Internal Server Error" or "Page Not Found" messages that browsers show by default. Some of the nicer sites have cute or funny messages, and it's common for web hosts to allow support because some web applications need them. You should leave this turned on.
SSH access to the server shell under the subscription's system user
Earlier, on the Permissions tab, we set an option to allow management of access to the server via SSH. Here, we can select the default shell those users will have. Anything we set here is only an option because we are allowing the setting to be managed (but allow chrooted environments only), but the most common shell is /bin/bash, and that is the default. If you did not enable management of SSH settings, whatever you set here will be the only available shell to user accounts under this hosting Plan. We will leave this setting turned off so we only have to support one shell at a time.
We'll cover all of these checkboxes as a single item, since they all either enable or disable certain types of applications that can run on the server. For now, turn on PHP support, CGI support, FastCGI? support, and "Allow web users to use scripts" (for any CGI scripts we install into cgi-bin later on) and turn everything else off. Make sure "Run PHP as" is set to CGI for performance reasons for now.
Next: PHP Settings in Plesk