Most control panels have secure and non-secure URL for the administrators to sign in. Plesk uses 8880 for non-secure (HTTP) and 8443 for secure login. (HTTPS). WHM & cPanel has separate port too. Recently, you can sign in to Plesk securely using the server hostname without port numbers.
Plesk and WHM, as well as cPanel when you are using secure ports, there is an annoying error of not CA signed SSL in the past when you are directed to the server hostname.
This could be in the past for both Plesk and cPanel ever since AutoSSL and Let’s Encrypt were introduced. You can use them to issue free SSL certificates issued to your hostname and domain names as long as they are resolvable by the DNS.
This is not a tutorial on how you can create the certificate, If you need guidance on how to create it please write to our support team. This article is to tell you to sign in to any control panels, you should be using a secure port or secure URL only.
If an SSL certificate is installed, To transmit your data securely to the server, they are encrypted, which means to say even you have the information without the private key which stored in the server, it is almost impossible for anyone to decipher. However, it is not the case for the non-secure port and secure URL.
So, are you transmitting data securely? This is not for control panel only, all kinds of logins include web, webmail, emails, etc. They should be using secure-port only. Even, it is a free SSL certificate, it will serve the same purpose, is to transmit data securely.