Most control panels secure and non-secure ports for the administrators to log in. Plesk uses 8880 for non-secure (HTTP) and 8443 for secure login. (HTTPS). WHM & cPanel too.
By default, WHM and cPanel use secure ports or HTTPS. However, there are some are annoyed the error of not CA signed SSL in the past when it was redirected to the server hostname or unresolved hostname without an SSL.
This could be in the past for both Plesk and cPanel ever since AutoSSL and Let’s Encrypt were introduced. You can use these functions to issue free SSL certificates issued to your hostname and domain names.
This is not a tutorial on how you can do that but if you need guidance please write to our support team. This article is to convey to all control panel users to use the secure port only to log in.
When SSL established information sent is encrypted, which means to say even you have the information without a private key stored in the server, it is almost impossible for anyone to decipher. But it is not the case for non-secure port and its connection.
So, are you using secure ports? not solely for control panel login, actually all kinds of logins include web, emails, etc. They should be using secure-port only (HTTPS, TLS or SSL)