By default, when running Plesk (linux) the root user is allowed to access the control panel. It is generally best practice to disable root access on your server to help improve it's security. We already have an admin user defined in Plesk so there is no need for an additional user with the same or similar permissions.
One challenge of hosting a website online 24 hours a day 7 days a week, 365 days a year, is keeping it secure.
I have been hosting websites for over 20 years now. One thing I have noticed, is the more successful your site is, the more attention you are likely to receive from others with nefarious intents. In fact I would even go so far as to say there is a correlation between genuine website visitors and nefarious ones.