• In File Manager, it is now possible to upload files from remote servers by specifying the file URL.
• It is now possible to install WordPress on CloudLinux used with the ALT-PHP handlers.
• It is now possible to add and manage DNS records (including TTL) in a DNS zone via REST API.

• Revamped the “Add Subscription” and “Add Domain” pages to make them consistent with other Plesk UX elements:

  • The “Webspace settings” section is now pre-filled and collapsed.

  • By default, Plesk now hides the Let’s Encrypt and Git sections when users create subscriptions, domains, and subdomains. To make the sections visible, add the following lines to the panel.ini file:

      [ext-sslit]
      enableSecuringNewDomain = true ; shows the "Secure with an SSL/TLS Certificate" section
      secure-new-domain = true ; makes the "Secure the domain with Let's Encrypt" checkbox selected by default
    
      [ext-git]
      enableOnSiteCreate = true ; shows the "Your Files to Copy to Hosting" section
    

• Added a progress screen shown when users create domains.
• Cleaned up the Plesk onboarding: removed distractions (for example, Plesk update notifications) that used to be shown once Plesk is installed.
• Improved protection against open redirect. The trustedRedirectHosts setting now has the default “empty” value on all existing and new Plesk installations. trustedRedirectHosts specified with the “empty” value forbids Plesk from redirecting to any hosts using the success_redirect_url and failure_redirect_url parameters because such redirecting poses a security risk.
• Plesk no longer shows DNS Helper if either IPv4 or IPv6 address resolves to the Plesk server. (PPP-52686)
• Improved the message shown when a domain name is resolved to the IP address different from the Plesk server IP. The message no longer misleadingly states that the website is offline. (PPPM-12937)
• When file upload fails in File Manager, Plesk now shows a detailed error message instead of the [[fileNotUploaded]] locale key. (PPPM-12929)
• Backing up to the Microsoft OneDrive Backup storage can no longer fail because of a failed request for a new OneDrive access token. (EXTPLESK-2654)
• The --create-map command of the pleskbackup utility is now deprecated. (PPPM-12940)
• File Manager now shows a confirmation dialog before replacing an already existing file with the uploaded one that has the same name. (PPPM-12966)
• Plesk now verifies that the number of simultaneously running backup processes to be set is more than zero. (PPPM-12927)
• It is now possible to remove the Plesk email address of a subscription’s additional users if an external email address is specified. (PPPM-12849)
• Restarting the Plesk server in Tools & Settings no longer causes the “Failed to fetch” warning to be shown in the Plesk interface. (PPPM-12962)
• It is now possible to create a subdomain of an add-on domain that has the forwarding hosting type via API-RPC. (PPPM-10784)
• The pleskbackup utility used with the --domains-name command no longer backs up the whole server instead of a subscription if the specified subscription does not exist. (PPPM-12797)
• The plesk repair utility can now detect and fix the Plesk database inconsistency that leads to the “Unable to find row with id X in IP_Addresses table” error during migration or backup restoration. (PPPM-12843)

Linux

• It is now possible to create a subdomain of a disabled domain if the “Force daily log rotation for all domains” server setting is turned on. (PPPM-11930)
• Webmail is now turned on by default for domains created via API-RPC. (PPPM-12355)
• The plesk repair utility now fixes incorrect permissions in /usr/local/psa/PMM/rsessions, which in turn fixes backup and restoration logs. (PPPM-12786)
• If a domain’s IPv6 address is set to “none”, running the plesk repair db utility no longer shows the false positive “The following domains are assigned to already removed IP addresses.” error message. (PPPM-12988)
• A system user that uses the “bash (chrooted)” shell can no longer lose the ability to connect via SFTP. (PPPM-12969)
• Plesk now daily rotates PHP-FPM error logs to prevent them from consuming all the server disk space and eventually causing issues on the server. (PPPM-11362)
• Fail2ban logs and database backups can no longer consume all the server disk space. (PPPM-12981)
• Suspending a subscription that has an add-on domain with the forwarding hosting type and a subdomain of the add-on domain no longer breaks the Apache configuration. (PPPM-12939)
• nginx now returns a 404 Not Found error when requesting a non-existent static file larger than 1023 bytes whose URL contains a trailing slash. (PPP-53248)
• Disabling a domain whose webmail service was uninstalled no longer generates an incorrect webmail configuration. (PPPM-12984)
• Removing the /usr/local/psa/PMM/rsessions directory and then going to Backup Manager no longer prevents further backup restoration and download of restoration logs. (PPPM-12785)
• In Plesk on Ubuntu with libc6 version 2.31-0ubuntu9.3 or later, a subscription’s system user that uses the “bash (chrooted)” shell can now connect to the Plesk server. (PPPM-12954)
• Subscriptions’ system users that use the /bin/false shell now log in to the Plesk server via FTP faster. (PPPM-12909)
• In Plesk on a Debian-based system, rereading IP address to repair misconfigured ones no longer duplicates IP addresses in /etc/network/interfaces. (PPPM-12941)
• If Plesk with Postfix that uses milter_protocol=2 receives an email, this no longer kills the pc-remote service. (PPP-53325)
• Plesk Log Browser now displays logs compressed in the GZIP format. (PPPM-12976)
• Plesk now correctly applies locale keys of non-English Horde interface languages. (PPPM-12886)
• Generating a server report no longer fails in Plesk that has a large number of objects (for example, domains or mailboxes). (PPPM-12816)
• Apache now runs if it is configured with TLS 1.3 ciphers only. (PPPM-12964)
• Plesk now vacuums the Fail2ban database weekly to prevent it from growing large. (PPPM-12981)

Windows

• Plesk no longer fails to create mail for a subscription that belongs to the service plan that has a disabled webmail client selected. (PPPM-12968)
• Changes in the %plesk_dir%MySQL\my.ini file no longer prevent updating Plesk Onyx to Plesk Obsidian. (PPPM-12994)
• Improved the error message shown when Plesk cannot restore a remote SFTP backup because one or more database server types (for example, Microsoft SQL Server) present on the remote storage server are not present on the Plesk server the backup is being restored on. (PPPM-12974)
• It is now possible to turn on the Atomic Standard rule set in ModSecurity. (PPPM-13001)
• The plesk repair mail utility no longer fails if the “DNS zones for DNSBL service” server-wide mail setting field contains a long string. (PPPM-13002)
• Plesk now changes a domain’s PHP version in the IIS configuration files even if the PHP handler was previously uninstalled. (PPPM-12911)
• The %plesk_dir%MySQL\Data*.err file can no longer contain errors and warnings related to the PleskWebSocket service. (PPPM-12737)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.18.

Linux

• Updated nginx and sw-cp-server to version 1.20.1.
• Updated the sw-cp-server components: nginx-dev-kit to version 0.3.1 and lua-nginx-module to version 0.10.19.
• Updated Phusion Passenger to version 6.0.8.
• Updated Dovecot and Pigeonhole to versions 2.3.14 and 0.5.14 respectively.
• Updated Xdebug to version 3.0.4.

Windows

• Updated BIND to version 9.16.15.
• Updated ASP.NET Core 5.0 to version 5.0.6.
• Updated ASP.NET Core 3.1 to version 3.1.15.
• Updated ASP.NET Core 2.1 to version 2.1.28.
• Updated Node.js 12 to version 12.22.1.
• Updated MariaDB 10.5 to version 10.5.10.
• Updated MariaDB 10.3 to version 10.3.29.
• Updated SQLite to version 3.35.4.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.7.2.1.

• Fixed an internal issue related to connection to Plesk additional services.

• In Plesk with enabled “DNS Helper”, the “DNS Settings” page of domains created under subscriptions without hosting no longer shows the “Internal Error” message. (PPP-52966)

Linux

• It is now again possible to enable ModSecurity with the “Comodo (free)” rule set in the Plesk interface. (PPP-52965)

• In File Manager, it is now possible to do the following:

  • Upload directories.
  • (Plesk for Linux) Change file permissions recursively. Plesk for Windows has always supported that.
• File Manager can now display SVG files.
• Improved the interface of Dynamic List view. It is now easier to distinguish one domain card from another because we made the separating lines more distinct.
• Reduced the domain creation time by four seconds. To achieve this, we split the mail service creation into a separate task.
• Improved the “Add Domain” page. Plesk now automatically fills in the system user name and password boxes. We have also removed the password confirmation box.
• The “Mail Settings” page of domains now shows a hint how to enable DKIM signing for an external DNS server. The hint shows the exact DNS records users need to add to the DNS server.
• It is now possible to get information about subdomains via the CLI or REST API. (PPPM-12825)
• Enabling the mail service via the CLI for a subdomain no longer creates the Plesk database inconsistency. (PPPM-12836)
• Disabling the domain resolution check in panel.ini now hides the “Domain is not resolvable” message under “DNS Settings” of domains. (PPPM-12891)
• The window shown after closing the Change View item in the left navigation pane now contains a correct text instead of placeholders. (PPPM-12863)
• It is no longer possible to cause the Plesk database inconsistency by deleting an IP address assigned to a subscription without hosing. (PPPM-12876)

• Introduced a new CLI command --assign-database, which assigns a database created via the API to a domain. (PPP-52056) The command has the following pattern:

  plesk bin subscription_settings --assign-database <domain_name> -database-id <database-id>
  

• The “DNS settings” page of a subscription no longer fails to be opened with HTTP Error 500 if the Plesk database inconsistency occurs. (PPPM-12877)
• Plesk can now restore backups of subdomains that belong to a domain with the forwarding hosting type. (PPPM-12903)
• Improved a hint for creating temporary domains. The previous hint was incorrect and could mislead users into specifying a temporary domain name that did not work. (PPPM-12883)
• Updating to Plesk Obsidian no longer fails if the /var/www/vhosts/ permissions are not sufficient. (PPPM-12872)
• Removing an APS application can no longer cause the Plesk database inconsistency. (PPPM-12902)
• The “DNS Settings” page of a non-resolvable domain can no longer show the “Unable to find subscription” error instead of a warning that the domain name does not resolve to the server IP address. (PPPM-12871)
• The Plesk interface can no longer occasionally show the “Cannot read property ‘querySelector’ of null” error. (PPPM-12884)
• If a service plan has the “Switch on the mail service” and “Enable mail autodiscover” mail settings disabled, subscriptions created on the basis of the service plan now inherit these disabled mail settings. (PPPM-12879)
• Improved a confusing error message. When users try to remove an IP address used by the mail server, Plesk no longer incorrectly notifies that the IP address is used for hosting. (PPPM-7984)
• If “DNS Helper” is enabled and an add-on domain has an alias, panel.log no longer contains confusing error messages. (PPPM-12906)
• The plesk repair utility now detects issues with domains assigned to already removed IP addresses and suggests reassigning the domains to existing IP addresses. (PPPM-12865)
• Improved a message shown after a Plesk password reset. (PPPM-12677)
• File Manager can now display the content of files whose names contain Cyrillic characters. (PPPM-12897)
• The pmmcli utility now ignores Error 152 and shows the path to the imported backup dump because the error does not actually affect the backup dump import. (PPP-52707)
• The pmm-ras utility no longer creates archives and migration.log in the current working directory. The utility now creates migration.log in PMM_LOGS_D if the --session-path is not specified. The utility operation before the bugfix could occasionally cause server backups to fail. (PPPM-11752)
• Sped up loading of lists with a large number of domains (more than 1000). (PPPM-12689)

Linux

• Plesk can now be installed on AlmaLinux OS.

  Note: You can now in-place convert your Plesk server on CentOS 8 to AlmaLinux OS. To do so, run the script prepared by the AlmaLinux team on your CentOS 8 server.

• Dropped support for Ubuntu 16.04.
• Improved an error message shown when IP addresses registered in Plesk do not match those set up on the server and this mismatch caused an issue with the web server. The message now contains the link to the KB article with the steps on how to fix the issue.
• Updating Plesk 18.0.33 and earlier to the latest Plesk version no longer causes Plesk Premium Antivirus to start sending false notifications that a Plesk Premium Antivirus license will expire soon. (PPP-52338)
• Mail delivery to IDN emails no longer fails. (PPPM-12866)
• Removed an unnecessary test run during Plesk installation. The failed test created a log warning message with a recommendation to check the network configuration. The test result affected neither Plesk installation nor performance. (PPP-41762)
• Plesk now preserves the following custom settings of the [php-fpm-pool-settings] section in additional php.ini directives: chroot, clear_env, decorate_workers_output. (PPPM-12666)
• phpMyAdmin can no longer show strange users without passwords (for example, the user “Any”). (PPPM-12793)
• An IP address change can no longer fail because of unfinished MySQL initialization. (PPPM-12464)
• A Plesk daily maintenance task can no longer replace Dr.Web Antivirus packages with those from Plesk Premium Antivirus. (PPPM-12850)
• The official configuration of WordPress permalinks now works if nginx and PHP-FPM are used in tandem. (PPPM-12817)
• If PHP-FPM is served by nginx in Apache+nginx hosting, custom error documents for PHP scripts now work. (PPPM-12815)
• An add-on plan with disabled PHP settings can no longer affect the PHP settings of a subscription created based on the plan. (PPPM-12864)
• The Fail2ban configuration issues can no longer prevent users from creating subscriptions. (PPPM-12045)
• Scheduled tasks with the Null attribute no longer prevent Plesk from restoring server backups. (PPPM-12912)
• When installing or updating Plesk, Plesk Installer can now detect and warn about unsupported Debian and Ubuntu repositories present on the server. (PPPM-12834)
• Plesk Installer no longer occasionally shows that the MySQL server component can be updated instead of actually updating the component. (PPPM-12658)
• Plesk can now check incoming mail by processing SPF TXT records that contain up to 1024 mechanisms. (PPPM-8103)
• In Plesk on CloudLinux, the “Server Information” page in Tools & Settings can no longer show the Internal Server Error 500. (PPPM-11898)
• Plesk now correctly counts statistics for an add-on domain not including statistics for the domain with the same name as the add-on domain (if any). (PPPM-12577)

Windows

• For an external SMTP server used with Plesk, it is now possible to use a non-email username instead of a full email address (for example, just “mail” instead of “mail@example.com”). (PPPM-12896)
• The Plesk Installer output now shows all characters of a package version. (PPPM-12842)
• Removed a warning message about a 900-second delay after a PHP version change. (PPPM-12831)
• If SmarterMail 100 is used, Plesk no longer backs up emails of domains whose mail service is disabled and warns about it. (PPPM-12522)
• If the Windows system locale language is not English, Plesk no longer skips a subscription’s mail when backing up the subscription. (PPPM-12874)
• It is now again possible to train SpamAssassin because SpamAssassin Imap.php no longer tries to connect to the localhost using TLS. (PPPM-12086)
• Improved error reporting if backup creation fails with the “Failed to create archive: Repository error”. (PPPM-12697)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.4.16.

Linux

• Updated phpMyAdmin to version 5.1.0.
• Updated Fail2ban to version 0.11.2.
• Updated ProFTPD to version 1.3.7a.

Windows

• Microsoft Drivers for PHP for SQL Server are now installed with PHP 8.0.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.7.1.1.
• Updated Node.js 12 to version 12.21.0.
• Updated Node.js 10 to version 10.24.0.
• Updated Git to version 2.30.2.
• Updated ASP.NET Core 5.0 to version 5.0.4.
• Updated ASP.NET Core 3.1 to version 3.1.13.
• Updated ASP.NET Core 2.1 to version 2.1.26.
• Updated BIND to version 9.16.13.
• Updated OpenSSL to version 1.1.1k.
• Updated SpamAssassin to version 3.4.5.

• Plesk Obsidian 18.0.34 and later behind Cloudflare with Rocket Loader enabled for a domain no longer shows empty customers’ and resellers’ pages. (PPPM-12844)

  Note: Although the issue was fixed, we recommend that you disable Rocket Loader. It does not benefit Plesk in any way.

Linux

• Updating the Plesk server OS using dist-upgrade and updating Plesk Obsidian with Postfix installed to version 18.0.34 no longer breaks the Postfix configuration. (PPPM-12846)
• In Plesk Obsidian 18.0.34 and later, the Plesk administrator no longer receives daily emails from the Plesk cron task notifying that “ls: cannot open directory /usr/lib64/httpd/modules”. (PPPM-12853)
• In Plesk Obsidian 18.0.34 and later, updating SpamAssassin rules no longer fails with the “channel: no ‘mirrors.sought.rules.yerp.org’ record found” error. (PPPM-12848)
• Updating Plesk Obsidian to version 18.0.34 no longer fails with the “Plesk database scheme was not upgraded completely” error if the Plesk server has the specific time zone set. (PPPM-12837)

• Added the Recycle Bin to File Manager. Users can now restore files deleted by mistake from the Recycle Bin.
  The Recycle Bin is turned off by default. To turn it on, add the following lines to the panel.ini file:

  [fileManager]
  trash.enabled = true
  trash.folder = .trash ; the name of the the Recycle Bin folder
  

  The Recycle Bin appears when a user deletes a file and chooses not to delete it permanently.

• The “DNS Helper” and “Publicly resolvable temporary domain name” features introduced in Plesk Obsidian 18.0.32 will be enabled by default strating with Plesk Obsidian 18.0.34. To disable the features, add the following lines to the panel.ini file:

  [dns]
  enableResolveChecking = false ; disables resolve checking
  showDnsHelper = false ; hides DNS Helper
  [techDomain]
  subdomain.enabled = false ; removes the ability to create technical domains
  

• Even if no DNS server is installed, Plesk will now show the information about configuring DNS for domains that could not be resolved.
• Significantly sped up Plesk initialization and post-install configuration.
• Revamped file editing in File Manager. Users now edit files in a drawer instead of going to a new page.
• The image preview feature in File Manager works again in Plesk and the feature no longer needs the Image Preview extension. If the Image Preview extension is installed, updating Plesk to version 18.0.34 will remove the extension.
• Plesk UI notifications on ModSecurity rule set updates are no longer enabled by default. The Plesk administrator now explicitly turns on the notifications if necessary.
• If the Comodo rule set is not available for download because of an issue on the waf.comodo.com side, Plesk now shows an error message that describes what users can do.
• Tools & Settings > Active Plesk Sessions (under “Security”) now differentiates sessions of the Plesk administrator and additional administrators. Additionally, Plesk now shows the “Another user with the same username (admin) is already logged in to Plesk” warning only if a user of the same type is logged in. (PPPM-6227)
• It is now possible to add a description to a domain when creating the domain via REST API. (EXTREST-127)
• The plesk repair db command can now fix the default certificate inconsistencies in the Plesk database. (PPPM-12795)
• Plesk additional administrators can now change their passwords in Power User view. (PPPM-12316)
• After logging in to Plesk updated to the latest version, the “Too few arguments to function Plesk_Base_Utils_Http::getUserIp()…” error is no longer occasionally shown. (PPPM-12696)
• It is now again possible to create backups stored in FTP storage. This feature was broken since Plesk 18.0.33. (PPPM-12699)
• Plesk sw-engine now correctly uses the system time zone defined in Tools & Settings > System time (under “General Settings”) As a result, after the system time zone was changed, sw-engine now operates in the correct time zone and writes log entries that have the correct time. (PPPM-12543)
• In the output of the secret_key CLI utility, changed the “Key” field name to “Key ID” to avoid user confusion. (PPP-52085)
• The “Unable to extract : To extract RAR archives, install UnRAR" error message now contains the correct link to the "How to install UnRAR" KB article. (PPPM-12550)
• The Amazon S3 Backup extension now works with the S3-compatible storage Backblaze. To ensure compatibility, the extension no longer sends the RequestPayer option by default. (EXTPLESK-2107)
• Removed the bandwidth value validation from Plesk API RPC. (PPPM-12708)
• In Fail2Ban, a custom jail no longer disappears if it was saved with errors. We spotted this bug in Plesk 18.0.32 Update 2. (PPPM-12362)
• Installing an invalid Plesk license no longer makes the “License Management” page reload continuously. (PPP-51903)
• Getting a response to an XML API request sent to a Plesk server with a large number (100+) of secret keys or creating a new secret key on such a server no longer takes a disproportionately long time. (PPPM-12800)

Linux

• It is now possible to extract RAR archives in File Manager on RHEL-based Plesk servers with unar installed and unrar not installed.
• Apache graceful restart is now more stable and less likely to break Apache during log rotation.
• Plesk now shows only actually installed Apache module versions in Tools & Settings > Apache Web Server (under “General Settings”).
• The plesk repair mail <domain> command can now repair a mailbox even if the mailbox automatic reply contains non-ASCII characters.

• Clean installations of Plesk 18.0.33 and later no longer have database inconsistencies. (PPPM-12806)

  Note: If you got a new Plesk 18.0.33 or later, run the plesk repair db command to fix the inconsistencies. Updating Plesk to version 18.0.34 will not automatically fix them.

• After a domain was deleted or its hosting type was changed to forwarding, the Plesk database no longer has nginx.conf records left. (PPPM-12758)
• Users can no longer get Dr.Web notifications on the upcoming expiration of their Dr.Web license even though the license has already been updated in Plesk. (PPPM-12761)
• Applying the DNS template to all DNS zones no longer changes empty TTL values of the affected DNS records to 0. (PPPM-12752)
• If the “Enable email subaddressing” option is disabled, it is not possible to create email addresses that contain special characters. If Plesk already has mailboxes whose email addresses contain special characters, it is not possible to enable the option. (PPPM-12781)
• In Plesk on Debian 10 with non-standard packages installed, the Plesk DNSSEC extension no longer fails to sign the domain DNS zone. (PPPM-12589)
• Plesk can now import MySQL dumps that have the DEFINER clause set. (PPP-52224)
• After a subscription was suspended, the webmail page of the subscription no longer shows a confusing SSL warning. (PPPM-12580)
• Website preview now works if “TLS versions and ciphers by Mozilla” of the SSL It! extension was enabled with the “Modern” option. (PPPM-12641)
• After Plesk Premium Antivirus was uninstalled, entries in /var/log/maillog can no longer contain the drweb handler. (PPPM-12719)
• Making changes on the Tools & Settings > Mail Server Settings page no longer enables all inactive mailboxes. (PPPM-12753)
• In Plesk on Ubuntu, backup restoration no longer fails with the “Unrecognized option: ‘-dumps-root-dir’” error. (PPPM-12820)
• If the Plesk administrator password is too long, the Plesk mail service no longer occasionally stops working. (PPPM-12503)
• After updating Plesk Onyx 17.8 on Ubuntu with Postfix installed to Plesk Obsidian, the Postfix logs no longer contain compatibility warnings. (PPP-46809)
• DHE ciphers are now again available for sw-cp-server and nginx. (PPPM-11435)
• Plesk now regards PHP 8 as a secure handler. A change of the service plan PHP version from 7.4 to 8.0 no longer causes the “Conflicts with the server-wide security policy” message to be shown. (PPPM-12731)
• In Plesk on CentOS 7, updating Plesk licences can no longer occasionally fail with the “floatFractionPart: Assertion value < 1.0’ failed” error. (PPPM-12445)
• Update of Plesk Obsidian that has a large number of created secret keys (more than 20000) to version 18.0.34 now takes less time. (PPPM-12722)

Windows

• Microsoft IIS Compression is now shipped with Plesk.
• It is now possible to connect to a Plesk server connected to Active Directory via FTP using just the login and password of an FTP user (for example, john_doe as an FTP login instead of Plesk_server_hostname\john_doe previously).
• If “Maximum CPU usage” for the IIS dedicated pool (in service plan or domain settings) has a set value, turning off the pool no longer resets the maximum CPU usage value to “Unlimited”. (PPPM-10314)
• Plesk now propagates TTL values of DNS records to Simple DNS Plus. (PPPM-12766)
• After the website PHP handler was changed to another version, the website FastCGI application of the previous PHP handler version is now removed. (PPP-51988)
• Restoring a subscription no longer occasionally causes the “Call to a member function getType() on null” warning. (PPPM-12712)
• Backups are now longer occasionally restored with the “Unable to restore the configuration of the error documents.” warning shown. (PPPM-12710)
• Sped up how fast Plesk loads the mailbox setting page. (PPPM-12693)
• Configured mail autodiscover no longer occasionally blocks access to Plesk. (PPPM-12767)
• Plesk Reconfigurator that failed to change virtual host locations can no longer stop IIS, misconfigure all websites in Plesk, and make them unavailable. (PPPM-12707)
• Plesk Reconfigurator now correctly changes the server IP address: the DNS server zones contain records with the new IP and the DNS server can resolve the new IP. (PPPM-12718)

Third-Party Component Updates

Linux

• Updated PHP used by Plesk to version 7.3.27.
• Updated Roundcube to version 1.4.11.
• Updated Postfix to version 3.5.9.
• Updated Horde to fix a security issue. We strongly recommend that you update Plesk.
• Updated IMP to version 6.2.27.

Windows

• Updated ASP.NET Core 5.0 to version 5.0.3.
• Updated ASP.NET Core 3.1 to version 3.1.12.
• Updated ASP.NET Core 2.1 to version 2.1.25.
• Updated Horde PHP to version 7.3.
• Updated Horde IMP to version 6.2.27.
• Updated the Horde_Text_Filter library to version 2.3.7.
• Updated Git to version 2.30.0.2.
• Updated PHP used by Plesk to version 7.4.15.

• Security improvements.
• The “Change View” button in the bottom left corner of the screen is now again available for resellers. The button was absent from the reseller interface starting with Plesk Obsidian 18.0.32. (PPP-52256)

• Plesk now supports MySQL 8 as the local (Plesk for Linux) and the remote database server. To learn how to switch the Plesk local database server to MySQL 8 or to perform a clean installation of Plesk on a server with MySQL 8, refer to this KB article.

• It is now possible to hide the controls related to Plesk updates (“Check for updates” and the “Update Plesk” buttons/links) on the Home page (in Service Provider view) and on the Websites & Domains screen (in Power User view).

  To hide the controls, add the following lines to the panel.ini file:

  [updates]
  showControls = false 
  

• It is now possible to hide plesk.com in the Plesk page footer. To do so, add the following lines to the panel.ini file:

  [promos]
  pleskFooter = false
  

• Added the “Database management” checkbox to Restricted Mode. Selecting the checkbox hides the “Database management” controls in the Plesk interface and prohibits the database management.
• Manual setup of email clients now shows the information about the required mail ports and their differences.
• Starting with this update, the Plesk database stores hashes of secret keys used to authenticate API requests rather than ciphertexts. This way, even if a threat actor were to read the Plesk database, they would no longer be able to retrieve any information that would allow them to authenticate via API.

• Security improvements.

  Note: Special thanks to Tarek Bouali (@iambouali) for reporting a security issue.

• Improved the Plesk interface and texts on the “DNS Settings” (domains) and DNS Template > Zone Settings Template (the Plesk server) screens. It should more clear now which field manages the default TTL value for the zone.
• If the reseller login consists of 10 digits (1234567890), the reseller’s incremental backups no longer have the size of the full backup. (PPPM-12533)
• XML API requests now return the correct number of subdomains in a subscription. (PPPM-12592)
• It is now possible to upload a logo file in the SVG format in Tools & Settings > Branding (under “Plesk Appearance”). (PPPM-12339)
• The “Update Domain Status” event is no longer run daily when the domain status does not change (for example, when the subscription the domain belongs to is suspended). (PPPM-12644)
• Backing up to Dropbox no longer shows the checksum warning message. (PPPM-12583)
• It is now possible to set the Plesk language and the description for a customer via REST API. (PPPM-12596)
• Plesk now preserves custom mailbox size and units of measurements and does not reset them each time the mailbox page is opened. (PPPM-12647)
• The mail autodiscover feature disabled on the Plesk server can no longer cause issues for resellers’ subscriptions (previously resellers’ subscriptions could be locked and could not be synced again). (PPPM-12661)
• The additional user with the single “Manage DNS settings” permission can no longer see logs. (PPPM-12630)
• File Manager is now opened faster when displaying a large number of files whose extensions are not hardcoded (for example, .exe or .pdf). (PPPM-12635)
• File Manager is now opened significantly faster when displaying a large number of DLL files (more than 300). (PPPM-12634)
• It is now possible to create DNS records that contain placeholders in the middle. (PPPM-12521)
• If a Plesk license was terminated on a server, the customers no longer receive daily repetitive notifications of resource overuse. (PPPM-12636)
• It is now possible to use the Amazon RDS Integration with MariaDB engine. (PPPM-12645)
• The Contact Support button in Tools & Settings > Support (under “Assistance and Troubleshooting”) > “Contact support without generating a technical report.” now redirects to the correct Plesk Support URL. PPP-51824)

Linux

• Added Brotli support to nginx.

  Brotli compression is enabled by default.

  To disable Brotli on a single domain, specify brotli off; in additional nginx directives.

  To disable Brotli globally, either specify brotli off; in /etc/nginx/conf.d/yy000_brotli_tweaks.conf or run the plesk bin nginx -d brotli command.

• Dropped support for Red Hat Enterprise Linux 6.
• Dropped support for Apache 2.2 and Apache mod_rpaf module (as a part of the change mentioned above).
• It is now possible to add a CNAME record pointing to another CNAME record. (PPP-49117)
• If PHP support was disabled in an add-on plan, the add-on PHP settings can no longer be applied to a subscription in any way. For example, assigning the add-on plan to the subscription will not change the subscription PHP settings. (PPP-49098)
• After installation of or upgrade to Plesk Obsidian, the plesk repair fs command no longer mistakenly detects files with the incorrect permissions in /var/log/plesk. (PPPM-12584)
• In Plesk on CentOS 7 with PHP from the OS vendor, the Apache module php5 can now be enabled or disabled. (PPPM-12628)
• IMAP and POP3 mail accounts configured in Outlook now correctly show emails with UTF-8 characters. The related “Your E-mail reader did not enable Unicode support” error message is no longer shown. (PPPM-12639)
• If Plesk Obsidian was upgraded from Plesk Obsidian 18.0.30 and earlier, the nginx cache size equal to 0 can no longer break the nginx configuration. (PPPM-12605)
• The login name length of password-protected directory users can now be up to 32 characters. Backup restoration no longer throws an error if the password-protected directory login name contains more than 20 characters. (PPPM-12409)
• Improved an error message shown in an attempt to enable Fail2Ban when Plesk does not have Fail2Ban installed. (PPP-51635)
• If web statistics are not generated properly, customers can now understand why because AWStats errors are now logged and customers can see them in the panel.log file (if the show.util_exec_io setting is set to true in the panel.ini file). (PPPM-9832)
• Plesk administrators can no longer set a rule in the Plesk Firewall that blocks themselves and, as a result, can no longer lose access to the Plesk interface. (PPPM-12469)
• The server shutdown in Tools & Settings > Shut Down Server (under “Server Management”) is now executed immediately on the same page after confirmation. The server can no longer be shut down twice if the Plesk administrator kept the shutdown link in the browser and refreshed it after the first shutdown. (PPPM-12091)
• In ModSecurity, the switch from the Atomic Standard to the Comodo rule set no longer causes false-positive bans. (PPPM-12291)
• Plesk Reconfigurator no longer fails if msmtp is installed. (PPPM-12662)
• Migration or backup restoration now preserves the mailbox antivirus settings. (PPPM-12378, PPP-50311)
• Upgrade to Plesk Obsidian from Plesk Onyx on a Debian-based OS can no longer make phpMyAdmin inaccessible. (PPPM-12509)

Windows

• In Plesk 17.8 on Windows Server 2012 R2, the Tools & Settings > Updates (under “Plesk”) page no longer hinders customers from upgrading to Plesk Obsidian. The page occasionally got stuck in an infinite loop and was constantly refreshed. (PI-603)
• Absence of the Plesk \etc\plesk-release file now throws an error and stops the non-interactive upgrade because such upgrade could make Plesk inaccessible. (PPPM-12581)
• SpamAssassin no longer fails to learn if the autogenerated password for the sa_bayes database contains the hash character (#). (PPPM-12579)
• It is now possible to change the \vhosts folder location using Plesk Reconfigurator. (PPPM-12649)
• It is now possible to create a mailbox via the CLI if Auth Policy Status is enabled in MailEnable. (PPPM-12595)
• In Plesk on Windows Server 2012 R2, the Plesk login page can no longer open the default Plesk page after the login to Plesk because the login page does not redirect to HTTP instead of HTTPS. (PPPM-12660)
• File Manager now opens files using links in domain log entries without any issues. (PPPM-12675)

Third-Party Component Updates

• Marked PHP 7.2 as outdated because it reached end of life.
• Dropped support for Internet Explorer 11, which reached end of life.

Linux

• Updated Dovecot to version 2.3.11.3.
• Updated PHP used by Plesk to version 7.3.26.
• Updated Roundcube to version 1.4.10.

Windows

• Updated the Plesk Perl package to version 5.30.3.
• Updated OpenSSL to version 1.1.1i.
• Updated Git to version 2.29.2.3.
• Updated ASP.NET Core 5.0 to version 5.0.2.
• Updated ASP.NET Core 3.1 to version 3.1.11.
• Updated ASP.NET Core 2.1 to version 2.1.24.
• Updated Node.js 12 to version 12.20.1.
• Updated Node.js 10 to version 10.23.1.
• Updated PHP used by Plesk to version 7.4.14.

• Added the missing translations for certain UI messages. (PPP-51477)

Linux

• Installation or update of Plesk Obsidian 18.0.32 and later no longer fails on CentOS 8.3. (PPPM-12582)
• In Plesk Obsidian 18.0.32 and later, customers can now again manage per-site PHP performance and security settings of their subscriptions. (PPPM-12604)

• Databases of applications installed on additional domains are now again backed up. (PPPM-12593)
• “Web Statistics SSL/TLS” and “Web Statistics” now work again for subscriptions with several domains. (PPPM-12594)

Linux

• The plesk repair fs command now works again and does not fail reporting the issue with incorrect permissions in /var/log/plesk. (PPPM-12584)
• In Plesk Obsidian 18.0.32 and later, ModSecurity enabled with any rule set and in any mode no longer occasionally hangs if Plesk was accessed via https://<server-IP-or-hostname>. (PPPM-12591)
• In Plesk Obsidian 18.0.32 and later, switching to ModSecurity3 on nginx no longer shows false positive results when domains are actually incompatible with nginx settings and the web server configuration files can be broken. (PPP-51432)
• In Plesk Obsidian 18.0.32 and later, Apache configuration can no longer cause the webAppFirewallSettings variable error being shown in the Plesk interface. (PPPM-12586)

Linux

• Issued REST API secret keys now work again in Plesk Obsidian 18.0.31 and later. (PPPM-12569)
• Installation or update of Plesk Obsidian 18.0.31 no longer fails in non-interactive mode if the server OS is CentOS 8.2 or 8.3. (PPPM-12582)

• PHP 8.0 is now supported.

  Note: PHP 8 is still very recent (it came out on November 26) and includes significant changes, including the removal of deprecated functions and changes to how code works.

  Because of this, many PHP applications that were written for PHP 5 and PHP 7 may not work correctly with PHP 8. This includes WordPress, which will fix most (but not all) PHP 8 compatibility issues in version 5.6 that will be released on December 8.

  PHP 8 will not be included into the “Recommended” installation set and won’t be installed on new servers or when updating to Plesk Obsidian 18.0.32.

• DNS Helper - a new feature meant to help users understand that their domain does not resolve to the server’s IP address and is inaccessible over the internet, and also to make it easier for them to make their domain resolve correctly. The feature will be rolled out to Plesk servers in waves. To enable it manually, add the following lines to the panel.ini file:

  [dns]
  enableResolveChecking = true
  showDnsHelper = true
  

• Added a new CLI command plesk checkupgrade in both Plesk for Linux and Plesk for Windows. Running the command before updating Plesk checks for issues that may prevent the server from updating safely.
• Added the support for ModSecurity 3 to nginx. ModSecurity 2.9 + Apache remains for now the recommended option. To switch to ModSecurity 3 + nginx, go to “Tools&Settings” > “Web Application firewall”.
  • Switching to ModSecurity 3 may hinder your existing applications. We strongly recommend trying ModSecurity 3 out on a test server before switching your production environment to that version.
  • At the moment you can only choose the OWASP ruleset in the Plesk UI for ModSecurity 3. You can download the Comodo ruleset and upload it to Plesk as a custom ruleset. We plan to make it possible to enable the Comodo ruleset for ModSecurity 3 directly from the Plesk UI in Plesk Obsidian 18.0.33.

  • You can disable switching to ModSecurity 3 by adding the following lines to the panel.ini file:

    [modSecurity] webServer.nginx = Off

• This version introduces a guided onboarding workflow to help new users create their first website right after the new server initialization stage. Users can choose to start with a WordPress website, a PHP application, or a static HTML/CSS website. They can upload a website they already have or choose a sample website provided with Plesk. To disable this function, add the following lines to the panel.ini file:

  [ext-onboarding]
  enabled = 0
  

• As of Plesk Obsidian 18.0.32, Internet Explorer 11 support has been deprecated and will be removed in Plesk Obsidian 18.0.33. Learn more.
• Red Hat Enterprise Linux 6 has entered the vendor end of support phase. Plesk Obsidian 18.0.32 is the last Plesk Obsidian version that supports that OS. Learn more.
• The File Sharing and Bandwidth Limiting (mod_bw) component has been removed. Learn more.
• The UX of renaming websites in Plesk has been improved.

• A publicly resolvable temporary domain name can now be chosen during a website’s creation. The temporary domain name allows you to start working on a new project even if you have no registered domain name. The feature will be rolled out to Plesk servers in waves. To enable it manually, add the following lines to the panel.ini file:

  [techDomain]
  subdomain.enabled = true
  

• The <your_domain> option is no longer marked as recommended in domains’ hosting settings because selecting it can result in an infinite redirection loop under specific conditions. (PPP-50944)
• Cloning a database from a local MySQL server to an external one no longer fails if a database with the same name as the one chosen for the cloned database exists on the local database server. (PPPM-12499)
• When creating a mail account, the “Password” and “Confirm password” fields are now correctly marked as required. (PPPM-12515)
• Updating a MySQL database user’s password via XML-RPC no longer returns a malformed response if the specified password does not meet the requirements of the server password strength policy. (PPPM-12393)
• Updating a subscription’s system user password via XML-RPC now correctly updates the password used to access web statistics for that subscription to the same value. (PPPM-12463)
• Running the plesk bin domain -i command for a domain now correctly shows the log rotation status (on or off) for that domain. (PPPM-12544)
• Full backups are no longer created instead of incremental ones when backing up a subscription with an APS application installed if that application’s database is owned by a different subscription. (PPPM-12537)
• When viewing logs for a subscription, entries from custom logs added via “Logs” > “Manage Log Files” > “Add Custom Log” are no longer incorrectly filtered out. (PPPM-12554)
• Usable error message is now shown if the MySQL writer process is terminated during database cloning. (PPPM-12450)
• Restoring a subscription with the “Drupal-8.9.5-171” APS application installed from a backup no longer results in an error. (PPPM-12477)
• After renaming a PHP handler via the plesk bin php_handler command, the custom name is now shown in Plesk instead of the original name. (PPPM-12556)
• Restoring a backup created on a Plesk server with a large (1000+) number of customers and/or subscriptions no longer fails with the “The specified backup file is corrupted, modified, created on another server or in an earlier Plesk version” error. (PPPM-12461)

Linux

• Creating a domain for a subscription while simultaneously changing PHP settings for an existing domain belonging to the same subscription no longer results in both processes hanging endlessly. (PPPM-12447)
• When creating a subscription on a Plesk Obsidian server that was updated from an earlier Plesk version, the value of the “Restrict following symbolic links” parameter is now correctly passed from the service plan to the subscription. (PPPM-12532)
• Plesk no longer specifies excessively large smtpd_proxy_timeout and smtpd_timeout values in Postfix configuration files during Plesk installation or whenever the plesk repair mail command is run. (PPPM-12236)
• Running the plesk repair mail -y command for a domain no longer removes Postfix SSL configuration for that domain’s aliases. (PPPM-12103)
• Opening “PHP Settings” for a domain no longer results in the “ERROR: Method Smb_Form_Final_Web_PhpSettings::__toString() must not throw an exception” error under specific circumstances. (PPPM-12456)
• Firewall rules can now be managed via the “Firewall” extension on Plesk Obsidian servers running in VZ containers created from the ubuntu-20.04-x86_64 OS template. (PPPM-12390)
• On Debian 10 servers with the “msmtp” component installed, sending mail via an external SMTP server no longer results in an error. (PPPM-12540)
• On Debian 10 servers with the “msmtp” component installed, sending mail via an external SMTP server is now correctly logged to the mail.log file. (PPPM-12540)
• On Plesk servers with Courier IMAP installed, all incoming emails are no longer duplicated for mail accounts that were disabled and then re-enabled. (PPPM-12530)
• Plesk now correctly reports CPU and memory usage for the MySQL (MariaDB) service. (PPP-50838)
• The sw-cp-server service no longer fails to reload or restart under specific circumstances. (PPPM-12525)
• On Plesk servers with the “Plesk Web Server Configuration Troubleshooter” component installed, running the plesk repair web -n command no longer results in the misleading “Problem with nginx default limit for open files is possible” error. (PPPM-12453)
• SDK and internal Plesk utilities no longer treat directories with special bits as files instead of directories. (PPPM-12573)
• On Plesk servers with the “Fix incorrectly set sender for outgoing mail” option enabled in “Tools & Settings” > “Mail Server settings” and outgoing mail control enabled and set to unlimited, sending mail no longer results in the “Error during ‘limit-out’ handler handlers_stderr: ERROR:main:list index out of range” error being written to the mail log. (PPPM-12448)
• It is no longer necessary to reload the page after Plesk initialization to log in if the WebSocket service is stopped on the server. (PPPM-12377)
• Autoresponder now sends replies correctly to messages with national characters in the mail header. (PPPM-11553)
• The “Tools&Settings” > “Services Management” page no longer becomes unresponsive for a long time when starting or stopping certain services (for example, nginx). (PPPM-12252)
• Plesk Installer logs are now rotated correctly if the /root/.autoinstallerrc file contains the line ‘SEPARATE_LOGS=”yes”’. (PPP-47902)
• Changing an IP address on a Plesk server no longer causes issues with sending mail if the old IP address was selected in “Tools&Settings” > “Mail Server” > “Outgoing mail mode” > “Send from the specified IP addresses”. (PPPM-12466)

Windows

• Security improvements.
• Plesk no longer assigns the system privilege “Replace a process level token” to IIS users created by Plesk. We believe this to be a more secure configuration, despite it being recommended by Microsoft.
• Plesk also explicitly removes the privilege “Impersonate a client after authentication” from IIS_IUSRS group. We believe this to be a more secure configuration, despite it being recommended by Microsoft.
• On Plesk servers with SmarterMail version 100.0.7593 or later installed, creating a backup including one or more subscriptions with mailboxes no longer fails with the “Unable to back up mail messages. Error: Failed to list mail messages” error. (PPPM-12454)
• Creating scheduled backups in FTP storage no longer intermittently fails with the “Unable to validate the remote backup. It may not be restored.” error. (PPPM-12482)
• Runnig the repair fs -y command using the name of an add-on domain as the argument now shows a recommendation to use the name of its parent domain instead. (PPPM-12505)
• During the cloning procedure, the MySQL root user password is now correctly changed. (PPPM-12320)
• Changing ASP.NET settings for a domain no longer results in the “assemblies” node in the domain’s web.config file getting removed. (PPPM-12561)
• Changing ASP.NET settings for a domain no longer results in the “authentication” node in the domain’s web.config file getting duplicated.(PPPM-12568)
• Changed ASP.NET settings for a domain no longer reset to the default value the “configuration” element in the domain’s web.config file has the “xmlns” attribute. (PPPM-12555)
• Folders named “tmp” can now be created, copied, moved, or deleted in File Manager. (PPPM-12443)
• Plesk migration no longer gets stuck for a long time on the “Fetch configuration data from Plesk servers” step. (PPPM-12552)
• Running plesk repair ftp on a server behind NAT no longer results in an unnecessary warning. (PPPM-12520)

Third-Party Component Updates

Linux

• Updated PHP used by sw-engine to version 7.3.25.
• Updated ionCube loader for PHP 7.2, 7.3, 7.4, and also for PHP used by Plesk to version 10.4.5.

Windows

• ASP.NET Core 5.0 is now supported.
• Updated ASP.NET Core 3.1 to version 3.1.10.
• Updated ASP.NET Core 2.1 to version 2.1.23.
• Updated PHP used by plesk-engine to version 7.4.13.
• Updated MariaDB 10.5 to version 10.5.8.
• Updated MariaDB 10.3 to version 10.3.27.
• Updated Node.js 12 to version 12.19.1.
• Updated Git to version 2.29.2.2.

• Security improvements.

• Security improvements.
• Creating a mail account as a customer when the “All subscriptions” option is selected in the subscription selection menu no longer fails with the “The specified limit is invalid” error. (PPP-50987, PPP-51161)

• Security improvements.

• Security improvements.
• Updates of WordPress Toolkit installations in Plesk Obsidian 18.0.31 no longer cause the “ArgumentCountError: Too few arguments to function CommonPanel_Aps_Model::logAction()” errors in the Plesk log. (PPP-50964)

• A custom TTL value can now be configured for individual DNS records.

• The “X-Powered-By” header can now be removed from pages served by Plesk servers by adding the following lines to the panel.ini file:

  [webserver]
  xPoweredByHeader = off
      
  and then rebuilding the web server configuration. Go to "Tools & Settings" > "Diagnose & Repair" (under "Assistance and Troubleshooting") and click the "Repair" button corresponding to "Web & FTP Servers".
  

• Mailman links are now served via HTTPS.
• Added the option to validate newly created backups via the checksum to the Dropbox Backup and Amazon S3 Backup extensions.
• Sending a request to a Plesk Obsidian server using an XML-RPC API protocol version earlier than 1.6.9.1 (latest) now results in a warning being logged to the panel.log file. Note: we do not recommend using XML-RPC API protocol versions earlier than 1.6.9.1 with Plesk Obsidian.
• Security improvements. (PPPM-12231)
• A custom domain name for mail autodiscover can now be specified via the plesk bin mailserver --set-mail-autodiscover-domain-name <domain name> reconfigure-dns true CLI command. The command works for both new and existing domains. (PPPM-12370)
• Removing a subscription with WordPress installed as an APS app no longer results in misleading errors in the Plesk interface and the panel.log file. (PPP-50310)
• It is no longer possible to create mail accounts without a password by clearing the “Access to the Customer Panel” checkbox during mail account creation. (PPPM-8076)
• Mailbox quota for domains based on a service plan with mailbox quota specified is no longer set to “unlimited” in the Plesk database. (PPPM-12417)
• Specifying an external email address and an internal email address for a customer no longer results in the internal email address being shown as the customer’s email address to the Plesk administrator. (PPPM-12433)
• Plesk Premium Antivirus no longer fails to start on Plesk servers that have no Plesk Premium Antivirus license key, have TLSv1 disabled for sw-cp-server, have IPv6 disabled, and do not have the /etc/sw-cp-server/conf.d/ipv6_ports.inc file on the file system.(PPPM-12368)

Linux

• CloudLinux 8 is now partially supported. Some of the features may not yet work properly. The choice of PHP selector and the CageFS mode are not currently supported.
• Sending an email from a “*@gmail.com” mail address to a mailbox in Plesk no longer results in SPF handler failure if the domain in Plesk has IPv6 configured and the Plesk server has “include:spf.antispamcloud.com” SPF local rule configured. (PPPM-12075)
• Re-reading IP addresses on the server no longer results in the same IP address being displayed twice (with and without the “Main IP address” flag in Plesk under specific circumstances. (PPPM-11484)
• The plesk sbin statistics utility now reports directories’ stat type as well as size when run with the “-v” option. (PPP-50555)
• Setting “Outgoing mail mode” to “Send from the specified IP addresses” and then to “Send from domain IP addresses” or “Send from domain IP addresses and use domain names in SMTP greeting” in “Tools & Settings” > “Mail Server Settings” no longer results in multiple issues with mail in Plesk due to the Plesk database getting corrupted. (PPPM-12375)
• Running the plesk bin repair --db command after updating to Plesk Obsidian 18.0.30 no longer results in a misleading error message. (PPPM-12392)
• The DMARC handler now logs specific details about DMARC failures to /var/log/maillog. (PPP-50754)
• The DMARC handler no longer fails when processing mail with one or more double quotation mark (“) characters in the sender mail address. (PPPM-12331)
• Moving the main domain of a subscription to a different subscription now sets the correct ownership of the domain’s document root directory. (PPPM-12251)
• Running the plesk repair fs command on a Debian-based OS with rpm installed no longer results in an error. (PPPM-12274)
• Sending an email from a mail account with auto-reply enabled to itself no longer results in the account sending an auto-reply message to itself. (PPPM-12343)
• Plesk now correctly detects Lenovo cloud as as KVM virtualization allowing for the use of VPS license keys. (PPPM-12420)
• Browsing websites hosted on Plesk servers with nginx installed and enabled no longer sometimes opens the Plesk login page instead. (PPP-50362)
• Plesk now validates custom nginx configuration before applying it. It is no longer possible to misconfigure nginx in a way that is impossible to undo via the Plesk interface. (PPPM-12101)
• Running the plesk repair dns command with umask set to “077” no longer breaks the permissions for named configuration files and all zones by setting incorrect permissions on them. (PPPM-12437)
• Sending an email from a mailbox associated with domain A to a mailbox associated with domain B that is hosted in Plesk with “Fix incorrectly set sender for outgoing mail” enabled in “Tools & Settings” > “Mail Server Settings” and forwards mail to a mailbox associated with domain C no longer changes the “From” header as if the email originated from domain B and not domain A. (PPPM-12293)
• Running CLI commands managing the Fail2Ban utility on a Plesk server with inconsistent package system no longer results in a misleading error message. (PPPM-12079)
• Disabling chrooted shell for a system user now correctly results in the /etc/passwd and /etc/group files being deleted. (PPPM-10750,PPPM-10149)
• Improved the nginx cache size validation. (PPPM-12428)

Windows

• The plesk repair installation command is now available in Plesk Obsidian for Windows.
• The path to the ASP.NET dynamic compilation temporary file storage location can now be specified on the “Websites & Domains” > “ASP.NET Settings” page. By default the path is set to “%plesk_vhosts%<domain name>\tmp”.
• Updated PHP used by plesk-engine to version 7.4.11.
• Adding an IP address without a subnet mask or with the /32 mask in “DNS Settings” > “Zone Transfers” for a domain no longer results in all DNS records for the domain being silently removed from the Microsoft DNS Server. (PPPM-12373)
• ModSecurity is now updated correctly during Plesk update. (PPPM-11793)
• Updating a Plesk Onyx server with a custom logo uploaded to Plesk Obsidian no longer results in the “{body}” tag being shown on the bottom of the login page. (PPPM-12412)
• Plesk now puts the tag in its proper place in the `web.config` file. (PPPM-11031)
• phpMyAdmin no longer hangs on LOCK TABLES statements on Plesk servers with MySQL 5.7 installed under specific circumstances. (PPPM-10413)
• Database migration no longer fails on Plesk servers with a secondary MySQL server installed on localhost as default using a different port. (PPPM-12435)

Third-Party Component Updates

• Updated phpMyAdmin to version 5.0.3.

Linux

• Updated Phusion Passenger to version 6.0.6.

Windows

• Updated ModSecurity to version 2.9.3.
• Updated MariaDB 10.5 to version 10.5.6.
• Updated MariaDB 10.3 to version 10.3.25.
• Updated Node.js 12 to versions 12.18.4.
• Updated Node.js 10 to versions 10.22.1.

• After update to Plesk Obsidian 18.0.30, Plesk no longer stops Apache instead of restarting it on certain Debian and Ubuntu servers. (PPPM-12387)
• After update to Plesk Obsidian 18.0.30 Update 1, scheduled backups no longer fail with the “The following files were not found or were corrupted” error if backed up add-on domains have DKIM enabled. (PPPM-12384)

• Fixed the note about SSL warnings on the Plesk login screen. (PPP-50397)

Windows

• Plesk Onyx 17.8.11 that has add-on domains can now be upgraded to Plesk Obsidian 18.0.30 without any issues. (PPP-50357)

• The Plesk login page can now show a notification what hostname to use for logging in to avoid the warning about an untrusted connection. The notification is shown when a user logs in to Plesk using the server IP address, while the server is secured with a valid SSL/TLS certificate from Let’s Encrypt.
• To enhance security, Plesk now generates a random prefix for a temporary server hostname.
• Dropped support for the File Sharing feature. File Sharing is no longer available in Plesk Obsidian by default.
• G Suite can now be set up with the Plesk DNS service because it is now possible to set an MX priority value to 1 in the Plesk interface.
• Dynamic List view now shows a number of subdomains and domain aliases (if any) and a number of pages they occupy.
• Increased the load speed of Dynamic List view.
• Improved the look of the empty list of Plesk UI notifications.
• If IP mapping to a public IP address is configured, plesk bin dns --reset no longer mistakenly resets DNS zones. (PPPM-12186)
• Improved error reporting when UTF-8 characters are malformed (it may happen, for example, during backup restoration). (PPP-50033)
• The statistics (Tools & Settings > Summary Report (under “Statistics”)) no longer contain obsolete mail redirect fields. (PPPM-12336)
• A correct database is now shown on the left side of the screen in phpMyAdmin when one database user exists for multiple databases and the “User has access to all databases within the selected subscription” option is enabled. (PPPM-4734)
• Backup creation no longer occasionally fails with the “Unable to create backups: Unable to create remote backup. Error: Unable to export backup: Transport error: unable to list directory: Curl error: (28)” error. (PPPM-12215)
• A subdomain is no longer created with the mail account tab if the subdomain’s subscription belongs to the service plan that has the “Ability to change mail settings” option disabled. (PPPM-12314)
• The server-wide certificates page (Tools & Settings > SSL/TLS Certificates (under “Security”)) no longer fails to be opened if the server has a large number of subdomains (more than 500) secured with SSL/TLS certificates. (PPPM-12350)
• It is now possible to configure and use FTP storage on the vsftpd 3 servers. (PPPM-12277)
• The plesk repair db utility can now fix the mail service records in the IpAddressesCollections table. (PPPM-4845)
• Improved error reporting of Backup Manager. Backup Manager now considers content errors to be warnings and proceeds with backup restoration. (PPPM-12334)
• Improved error reporting of Backup Manager. Backup Manager now sends the information about all occurred issues to the email address configured in the scheduled backup task. Failures to dump subscription databases are now regarded as important issues because they prevent subscriptions from being fully restored. (PPPM-12097)
• Fixed the path to the Plesk favicon. Previously it could be occasionally incorrect. (PPP-49932)

Linux

• Plesk now supports VERP-style email addresses. The corresponding setting (“Enable email subaddressing”) is enabled by default in Tools & Settings > Mail Server Settings (under “Mail”) on new Plesk Obsidian installations.
• The plesk repair web -php-fpm-configuration command can now detect PHP-FPM misconfigurations and fix them by removing obsolete PHP-FPM configuration files.
• To mitigate the Apache and nginx symlinks vulnerability, the “Restrict the ability to follow symbolic links” option is now enabled by default for new service plans and new custom subscriptions. Learn more about mitigating the symlinks vulnerability.

• Made integration with phpMyAdmin more robust.

  Note: phpMyAdmin files are now located in /usr/local/psa/phpMyAdmin.

• Updated sw-engine to version 2.30.1.
• Updated sw-engine PHP to version 7.3.22.
• Watchdog can now be activated on CentOS 8 in VZ containers.
• Under specific circumstances, Plesk no longer fails to detect the main IP address on the server. (PPPM-11484)
• If, in Restricted Mode Settings, Firewall (under “Tools & Resources”) is selected, while Extensions management (under “Extensions”) is not, going to Tools & Settings > Firewall no longer shows the “permission denied” error when Power User view and Restricted Mode are enabled. (PPPM-8847)
• The dk_sign mail handler no longer throws segmentation faults if an email contains DKIM-Signature as the last header. (PPPM-12221)
• Users can no longer lose access to phpMyAdmin via Plesk after updating to Plesk Obsidian or after Plesk Obsidian updates. (PPPM-11253)
• AWStats TXT files are now completely removed after the corresponding TTL has expired. (PPPM-10655)
• Plesk now detects and shows the warning if a new PostgreSQL database name and user name are the same. (PPPM-12224)
• Auto-replies can now be delivered via a relay host to email addresses whose names contain non-ASCII characters. (PPPM-11553)
• Made the “IP address ban period” field of Fail2Ban longer. The field now completely displays large values. (PPPM-12349)
• Improved a confirmation message shown when plesk repair ftp can remove an orphaned system user. Additionally, plesk repair ftp no longer removes the user’s home directory. (PPPM-11058)
• A domain alias can no longer point to a subdomain instead of the main domain. (PPP-49923)
• It is no longer possible to create a subdomain with the webmail prefix (for example, webmail.example.com) if the main domain already has webmail enabled. (PPPM-12356)
• If a domain’s access_ssl_log contains lines with the malformed URI sequence, the log browser no longer shows the blank page instead of the actual log. (PPPM-12345)
• In Plesk on CentOS 8, a mailing list can now be restored from a backup. (PPPM-12347)
• Fixed specific cases when a Plesk license for virtual machines could not be installed on KVM virtualization. (PPPM-12317)
• After some domains were deleted from a server and PHP-FPM was reloaded, php-fpm.sock of some domains is no longer lost and the domains no longer become unavailable. (PPPM-12280)

Windows

• Updated PHP used by Plesk to version 7.4.10.
• Customers can no longer log in to mail using Horde IMP with an incorrect case password. (PPPM-8584)
• An LDAP query no longer throws the “LDAP local: No Memory” error because libcurl was updated to version 7.71.1. (PPPM-10971)
• A mail account can now be updated via the CLI without any issues after the limit of a subscription’s mailboxes was reached. (PPPM-11679)
• It is now possible to switch to the latest version of SmarterMail without any issues. (PPPM-12295)
• ModSecurity no longer conflicts with SmarterMail API: SmarterMail sites no longer contain ModSecurity modules. (PPPM-12296)
• After Plesk 11.0 was upgraded to Plesk Obsidian, it is now possible to remove subscriptions. (PPPM-12177)
• Fixed error reporting when the SMTP server refuses connection. (PPPM-12267)
• Mail forwarding now works in SmarterMail. (PPPM-12246)
• Plesk updates no longer change an installed myLittleAdmin additional license key to the default myLittleAdmin license. (PPPM-12244)
• MySQL ODBC 3.51 DNS can now be configured with the required settings. (PPPM-12233)
• The plesk bin repair --reconfigure-ftp-sites command can now fix anonymous FTP users. (PPP-46657)
• Plesk now correctly logs issues when ODBC DSN resources are lost after backup import. (PPP-50196)

Third-Party Component Updates

Linux

• Added support for MariaDB versions 10.4 and 10.5. See more details in this KB article.
• Updated Roundcube to version 1.4.8.
• Updated Postfix to version 3.5.6.

Windows

• ionCube Loader 10.4.1 is now shipped with PHP 7.4.
• Updated BIND to version 9.16.6.
• Updated ASP.NET Core 3.1 to version 3.1.8.
• Updated ASP.NET Core 2.1 to version 2.1.22.
• Updated MariaDB to version 10.5 (both for the Plesk database and for customers’ websites).
• Updated libcurl to version 7.71.1.

• The headers of notifications in the Notification Center are no longer malformed. (PPP-50118)
• Outgoing Mail Control now works correctly if the time zone on the server is set to one of the USA time zones (e.g. New York, NY, USA GMT-4). (PPPM-12321)

Linux

• ModSecurity security rules no longer stop working after an unsuccessful attempt to update rules. (PPPM-12324)

• Checkboxes are now again shown in the interfaces of the WordPress Toolkit and SSL It! extensions opened in Safari. (PPP-50041)

Linux

• After update to Plesk Obsidian 18.0.29, custom Comodo rule sets are no longer removed after daily task execution. (PPP-50022)

• It is now again possible to set the Plesk administrator’s email address using subaddressing. (PPPM-12260)

Windows

• Update to Plesk Obsidian no longer fails because of certain unnecessary Horde files, which Microsoft Security falsely detected as malware. (PPPM-12266)
• Forwarding to a domain without SSL support can now be set up again. (PPP-49922)

• The list of domains in Dynamic List view now has indents for domain aliases and subdomains.
• Increased the load speed of Dynamic List view.
• The backup process now correctly calculates server space necessary for a backup by ignoring files configured to be skipped during backing up.
• Repair Kit can now detect and fix the database inconsistency: missing entries in IpAddressesCollections.
• When a user changes a website’s PHP handler, Plesk now informs that this change will make the website unavailable for a number of seconds.
• Increased SecResponseBodyLimit of ModSecurity: certain websites in Plesk can no longer become unavailable because of the “ModSecurity: Output filter: Response body too large” error.
• It is now possible to hide “Skins and Color Schemes” and “Interface management” in Restricted Mode.
• Improved the picture and text shown when the Plesk UI notification pane is empty.
• The “View Certificates” button (Websites & Domains > domain > SSL/TLS Certificates > Advanced Settings) is no longer shown if the Plesk administrator did not configure the button’s link to a website where customers can buy SSL/TLS certificates. (PPP-49711)
• If a database user has the “User has access to all databases within the selected subscription” option enabled, it is now possible to get information about the database user via XML API. (PPPM-12202)
• Changed the reseller’s permission name “Subscription creation in Server Administration Panel and domain creation in Customer Panel” to “Domains Management”. The new name now matches the same permission in resellers’ plans and does not confuse customers and resellers. (PPPM-12184)
• Add-on domains can now be restored from backups created on another Plesk server. (PPPM-12122)
• The “Management of access to the server over SSH” permission in resellers’ service plans now works correctly: a reseller’s subscription system user can no longer receive SSH access that conflicts with the permission. (PPPM-12124)
• A website’s sitemap.xml generated by Web Presence Builder now includes the www and HTTPS prefixes of the website URLs when “Permanent SEO-safe 301 redirect from HTTP to HTTPS” is selected and the www domain is preferred. (PPPM-6867)
• File Manager breadcrumbs now show the correct location. (PPP-49542)
• Custom buttons can now be created in Additional Services. (PPPM-12171)
• Backing up to FTP storage no longer occasionally fails with the “Unable to find archive metadata” error. (PPPM-12213)
• When trying to open domains’ logs, users no longer occasionally see an HTTP error 500. (PPP-37350)
• If an additional Plesk administrator is logged in to Plesk in Power User view, “Logged in as” no longer shows the username of the main Plesk administrator. (PPPM-12135)
• An additional user’s email address can no longer be created based on a subscription that has the mail service disabled. (PPPM-12188)
• If a Plesk server’s public IP address was set an then removed from the IP addresses, the Plesk Home page (“System Overview”) no longer shows empty brackets next to the Plesk IP address. (PPPM-12117)
• Customers’ external_id can now be updated via REST API. (EXTREST-97)
• A REST API request to retrieve the Plesk administrator’s details now returns the correct type value. (EXTREST-103)
• A REST API request to change a customer’s name now needs only the name field value to be submitted. (PPPM-12198)

Linux

• Ubuntu 20 is now supported. Plesk Migrator supports migration from Ubuntu 16 and 18 to Ubuntu 20.
• Introduced the new option “Fix incorrectly set sender for outgoing mail” that significantly reduces the likelihood of outgoing emails landing in spam (if DKIM and SPF are also enabled and properly set up). If the option is enabled, Plesk fixes incorrect sender headers and the envelope-sender address for outgoing mail.
• Security improvements.
• Update to Plesk Obsidian 18.0.29 will reconfigure Apache and nginx websites.
• Updated PHP used by Plesk to version 7.3.20.
• In Plesk on CentOS 8.1 and Debian 10 with IPv4 and IPv6 addresses, fixed unnecessary steps in the generated firewall script. (PPPM-11795)
• Nginx configs are now removed after nginx support was disabled. (PPPM-11197)
• If a large number of websites use the same PHP handler, the PHP handler change of one website no longer makes websites that use the target PHP handler temporarily unavailable. (PPPM-12241)
• Premium Antivirus by Dr.Web now works without a license key installed when TLSv1 is disabled for sw-cp-server. (PPPM-5740)
• It’s possible to customize MySQL variables used by database export and import via the server-wide my.cnf. (PPPM-10773)
• The “Website Copying” feature can no longer exceed the hard disk quota. (PPPM-11523)
• Plesk Repair can no longer break the Apache configuration and cause websites’ downtime if an SSL/TLS certificate that secures one of the websites has the empty cert_file value in the Plesk database. (PPPM-10522)
• If the free Comodo rule set is selected and WordPress is installed on a website, Fail2Ban can no longer block the Plesk server’s IP address after customers spend some time working in WordPress. (PPPM-11961)
• The list of static files served directly by nginx now contains the webp extension. (PPPM-12109)
• Plesk Repair now checks the ulimit value before showing a warning about it. (PPP-47989)
• If the submitted text of the mailbox quota warning is too long, Plesk now informs that this text cannot be longer than 2000 characters. (PPPM-12089)
• Removed excessive debug messages “ERR [panel] ADD” from the Plesk log. (PPPM-12156)
• Emails sent from a Plesk server with Horde and SpamAssassin enabled are no longer wrongly labeled as spam. (PPPM-12120)
• Site Preview now opens a website even if the website URL does not have a trailing slash. (PPPM-12149)
• The Watchdog (System Monitoring) component can now be enabled in Plesk on CentOS 8 in Virtuozzo containers. (PPPM-12247)
• Update to Plesk Obsidian 18.0.28 no longer fails if Plesk has two protected directory users who have the same names but the letter cases are different. (PPPM-12107)
• If a user scheduled backups to be stored in FTP storage and the FTP timeout is low, the user no longer receives the repetitive warning message “Export error: Size of volume … does not match expected one … . The remote backup may not be restored.” (PPPM-12084)

Windows

• After checking web & FTP servers, “Diagnose & Repair” no longer mistakenly informs that a domain’s temporary file folder is missing. (PPPM-12196)
• If the Plesk administrator’s profile is broken, Plesk Migrator now shows a more detailed error message instead of the general “Unable to set backup sign certificate” error. (PPPM-12105)
• Migration of Microsoft SQL database servers no longer occasionally fails with the “Login failed for user ‘admin’” error. (PPPM-12169)
• When fixing FTP users, Plesk Repair no longer occasionally fails with the “Failed to recreate the junction: ftpmng failed: C structured exception: 0xc0000005” error. (PPPM-12174)
• Mass email messages can now be sent if no template is used and only selected customers are chosen. (PPP-49645)
• plesk_fopen errors are now correctly processed: if a customer does not have the permission to view a certain file, the customers will now see the correct error message. (PPP-49766)
• When trying to open domains’ logs, users no longer occasionally see the “Class ‘Plesk_Log_Timestamp’ not found” error. (PPPM-12165)
• If Plesk installation was interrupted, Plesk is no longer broken and does not show the “ImpersonationCache.db uninitialized/corrupted” error. (PPPM-11384)
• MySQL databases that contain non-ASCII characters can now be again exported without any issues. (PPPM-12116)

Third-Party Component Updates

Linux

• Updated nginx and the sw-cp-server service to version 1.18.0.
• Updated Kronolith to version 4.2.29.
• Updated Roundcube to version 1.4.7.

Windows

• Updated ASP.NET Core 3.1 to version 3.1.6.
• Updated ASP.NET Core 2.1 to version 2.1.20.
• Updated Horde to version 5.2.23.
• Updated BIND to version 9.16.4.

• Security improvements.
• Error messages related to an incorrect AUTO_INCREMENT value in the Plesk database now show a suggestion to fix the error using the Repair utility (either in the Plesk interface or in the CLI).

Linux

• Fixed the following issues previously occurred when the Plesk mail server is secured with an SSL/TLS certificate from Comodo whose certificate chain points to the expired Sectigo root:
  • Connections from webmail and mail clients to the mail server no longer fail. The improvement does not work in Plesk on CentOS 6/RHEL 6/CloudLinux 6.
  • The rule set from Comodo can now be activated.

• Changes of a website’s PHP handler cause the website’s downtime if the Apache restart interval has a non-zero value. To prevent the website’s downtime, it is now possible to ignore the Apache restart interval and to force the web server restart on each change of PHP handler settings. To do so, the Plesk administrator needs to add the following lines to panel.ini:

  [webserver]
  restartApacheWhenChangingFpmHandler=1
  

• After updating to Plesk Obsidian 18.0.28, users that have custom web server templates no longer occasionally have web server reconfigurations errors. (PPPM-12119)
• After updating to Plesk Obsidian 18.0.28, Backup Manager no longer occasionally shows false positive errors that a backup is invalid. If the backup is indeed invalid, an error message is shown and the corresponding entry is written to a log. (PPPM-12110)
• After updating to Plesk Obsidian 18.0.28, a full server backup is no longer erroneously created instead of an incremental one when the base backup exists and it is valid. (PPPM-12112)

• Debian 10 “Buster” is now supported. Plesk on Debian 10 “Buster” has the following limitations:

  • PHP versions 5.2-5.6 and 7.0 are not distributed with Plesk.
  • The time synchronization settings are not available.
  • Connection to the server might be interrupted the first time the Plesk Firewall rules are activated.

  Note: Plesk does not support any dist-upgrade scenarios for Debian 10. To upgrade to Debian 10 from previous Debian versions or other OSes, use Plesk Migrator.

Linux

• The plesk bin repair --db -n command works correctly again and does not return the “Wrong admin password is found for PSA database server” error. (PPPM-12094)

• The Plesk administrator can now disable all promotions in Plesk by adding the following lines to the panel.ini file:

  [promos]
  enabled = false
  

• By default, Plesk is now automatically secured with an SSL/TLS certificate from Let’s Encrypt. See more details.
• Updated sw-engine PHP to version 7.3.18.
• Rebuilt PHP 7.4.7 on CentOS 7/RHEL 7/CloudLinux 7 because of the Oniguruma update.
• Running the plesk repair fs command now shows a clearer message if suspicious ownership of files and directories is detected in the root directory of a domain. (PPPM-4400)
• If the AUTO_INCREMENT issue appears, the Plesk administrator can now fix it by running the plesk repair db -y command. (PPP-49217)
• Websites’ screenshots in Dynamic View are now rendered significantly faster. (PPPM-11589)
• Improved the search for domains: extra spaces or tabs no longer empty the search results. (PPP-49037)
• The resellers’ mailbox quota is now calculated correctly. (PPPM-11653)
• The “Site name” drop-down list on the “Website copying” screen now shows websites in alphabetical order. (PPP-49370)
• Changes in the server-wide SpamAssassin settings now actually update these settings. (PPPM-11983)
• Limited the number of email addresses that can be added to the mail forwarding list. (PPPM-10677)
• Changing a PHP version now preserves the selected PHP handler type if the PHP version supports the handler. (PPPM-10694)
• It is now possible to add non-endpoint IP addresses via the Plesk interface. (PPP-49198)
• When Plesk has several subscriptions, the “Open” button next to “Databases” on the domain page in Power User view now opens the “Databases” screen. (PPPM-9466)
• PHP settings in site-isolation-config now work again. (PPPM-12020)
• It is now possible to add only IP addresses (without a mask) in Domains > domain > DNS Settings > Zone Transfers. (PPPM-10874)
• Removed the outdated release-tier and autoupgrade-stable parameters from the plesk bin server_pref utility. (PPPM-11614)
• During backups’ restoration, Plesk now resets the objects selected to restore each time users change a type of objects to restore (for example, database or files of domains). This prevents the impression that multiple objects types can be restored at once. (PPPM-12028)
• The password reset link is now present for mail on subscriptions that do not belong to the Plesk administrator. (PPPM-12033)
• Statistics in summary reports are now calculated for resellers. (PPPM-11034)
• An attempt to delete a non-existent remote backup no longer results in an error. (PPP-47687)
• Put a limit on long scheduled tasks to prevent cases when the Plesk interface hangs because of massive data stored in a long task. (PPPM-11966)
• It is now possible to restore a full server backup stored in the Google Drive Backup storage when the “Restore this backup despite the fact that it does not have a valid signature” option was not enabled and the Plesk server has a large number of subscriptions (more than 100). (PPPM-12029)
• The “Activate/Deactivate Services” button is no longer missing for mail of a subscription created under a hosting plan that has the 0 value in “Maiboxes”. (PPPM-10770)
• Network errors no longer can hinder backing up and restoration. (EXTPLESK-1948)
• The Plesk interface now clearly shows that backup rotation depends on a number of stored backup files. (PPPM-11931)
• It is now possible to back up a server to FTP storage if the server has customers whose names contain German characters. (PPPM-11967)
• “Mail configuration and content” is no longer shown during backing up in Plesk without mail. (PPP-48943)
• It is now possible to see details of backups if the backups were created by resellers and contain resellers’ subscriptions. (PPPM-11914)
• Editing DNS records can no longer occasionally lock subscriptions. (PPPM-11940)
• It is now possible to remove a mail account from an add-on domain if the mail service of the mail domain is disabled. (PPPM-11974)
• Resellers can now increase outgoing mail limits in the email address settings if they have already been changed. (PPPM-11496)
• The “SSL/TLS support” and “Permanent SEO-safe 301 redirect from HTTP to HTTPS” options are now automatically enabled in hosting settings of customers’ subscriptions created under a hosting plan in which the settings were disabled. (PPPM-11563)
• It is now possible to update a subdomain’s settings via the CLI or API when the main domain has the disabled PHP support. (PPPM-11947)
• Removing a subscription with configured remote storage settings now also removes all the subscription’s backup settings from the psa.BackupsSettings table. (PPPM-11933)
• If FTP storage was configured for a domain that had already used the storage and then the storage had some connectivity issues, it no longer takes about a minute to open the domain’s Backup Manager. (PPPM-12060)
• It is no longer possible to lose access to a MySQL database if the database name has the maximum allowed size and contains underscores. (PPPM-12057)
• Errors in extensions’ custom buttons can no longer break the whole Plesk page. (PPPM-12021)
• Sped up the migration of subscriptions to the target server with the same OS and Plesk version as the source by removing unnecessary information from backup.log and the XMl-configuration file when the subscriptions are backed up. (PPPM-11919)
• Plesk now shows sizes and numbers of tables for all databases of a subscription if the subscription has a large number of databases (more than 25). (PPPM-12062)
• Backup Manager now shows comments (if any) under the “Comments” column for backups stored in remote storage. (PPPM-11714)

Linux

• PHP shipped with Plesk now supports Argon2.
• Removed the mirroring feature from Plesk Autoinstaller.
• Moving a domain that uses PHP-FPM handlers to another subscription no longer occasionally fails. (PPPM-4225)
• If the root (/) and /var directories are located in different partitions, it no longer negatively affects chroot setups. (PPPM-11977)
• Resellers can now choose the exact FPM application type (served by Apache or by nginx) in their own service plans. (PPPM-12019)
• Running the plesk bin http2_pref --enable command to enable HTTP/2 now updates TLS versions for nginx. (PPPM-11991, PPPM-11965)
• After update to Plesk Obsidian, IMAP and POP3 mail accounts configured in Outlook now correctly show emails with UTF-8 characters. (PPPM-11248)
• If the SpamAssassin filter is enabled, it is now possible to return to a previous domain name without the “Integrity constraint violation: 1062 Duplicate entry” error. (PPPM-12016)
• Plesk now validates the Apache and nginx directives more strictly: users are less likely to accidentally break nginx. (PPPM-11962)
• Removed obsolete Python modules. After a Plesk update, the var/log/plesk/install/plesk_<version>_installation.log log will no longer contain confusing error message from these modules. (PPPM-11981)
• If Plesk is configured with a remote database server, databases are now backed up. (PPPM-11993)
• The cgi-bin directory is now added to the website directory template on new Plesk installations. As a result, the directory is created in /var/www/vhosts/ when “CGI support” is selected in a domain’s hosting settings. (PPP-46488)
• It is now possible to change an email password via webmail in certain network configurations because xinetd ACL now allows all correct connections from the localhost. (PPPM-11839)
• Postfix Sender Rewriting Scheme (SRS) now works with email addresses that contain the plus sign (+). (PPPM-10128)
• After a PHP script located in the customer’s home directory was run by a scheduled task, chroot environment is no longer set up for the directory. (PPPM-11985)
• The greylisting logs now contain the information explaining why emails were rejected. (PPP-47900)
• Plesk Autoinstaller now checks for errors in yum/dnf during a Plesk update. If the errors are found, the update is stopped and an error message is shown. (PPPM-11956)
• It is now possible to add or remove a large number of items (more than 2000) to or from the black/white list. (PPPM-11900)
• The Roundcube and Horde php.ini templates now have the local open_basedir directive that does not override the global one in the Plesk php.ini. This prevents customers from accidentally breaking the Plesk php.ini.
• After the PHP-FPM handlers’ configuration was updated, Plesk now force restarts PHP-FPM. As a result, if the new configuration failed to be applied, users will see an error in the Plesk interface right away. (PPPM-11570)
• “Quick Preview on a domain name in Plesk” now works for domains hosted on a IPv6 server. (PPPM-12008)
• Greylisting no longer rejects emails from Instagram. (PPPM-11674)
• The plesk repair fs utility now fixes incorrect permissions in /var/www/vhosts. (PPPM-12051)
• Improved a message shown after the Comodo rule set was activated. (PPPM-10829)
• Creating or deleting domains on a server that has a larger number of subscriptions (more than 100) no longer occasionally causes the “httpd: Syntax error on line” error being shown. (PPPM-9180, PPPM-7236)
• The /var/log/httpd/error_log file no longer contains the following multiple error messages: “client denied by server configuration: /usr/share/plesk-service.localdomain/”. (PPPM-11377)
• Improved a message shown when nginx is not enabled but there was an attempt to start it. (PPP-46905)
• Mail Autodiscover now works when the www domain is selected as the preferred domain. (PPPM-11747)
• Mail now works on a subscription that belongs to a hosting plan whose mail service was disabled and then enabled both for the hosting plan and the subscription. (PPPM-11958)
• A subscription’s disk usage statistics can no longer show the chroot directories category with a non-zero value if the chroot shell environment was not enabled. (PPP-49136)
• Fixed the iptables version detection in the Plesk firewall script on operating systems with nftables (CentOS 8 and Debian 10). (PPPM-11795)
• It is now possible to create a mailbox on a subdomain after the plesk repair utility fixed the subdomain. (PPPM-11954)
• The “Mailbox usage exceeded 95% quota” email notification now has the date header with the current server time: the notification is less likely to be misplaced. (PPPM-12055)
• It is no longer possible to select a disabled PHP handler for a domain after switching between “No web hosting” and “Website hosting” in the domain’s hosting settings. (PPPM-11928)
• A full server backup is now created without warning messages after a domain was moved to another subscription. (PPPM-11765)
• It is no longer possible to change the database server used for the Plesk psa database or change the database’s password via the CLI or API. (PPPM-11086)

Windows

• Plesk no longer gets stuck on the “Initializing” screen if the selected trial license option failed to be processed. (PPP-49156, PPP-47384)
• To prevent issues with accessing Plesk, the urlrewrite package is now updated before the panel package. (PPPM-12027)
• It is now possible to manage databases on SQL Server 2008 and SQL Server 2008 R2 in Plesk. (PPPM-11942)
• When SSL/TLS certificates are updated, an old certificate is now automatically deleted after it was replaced with the newly issued one. (PPPM-11953)
• Custom buttons’ icons are now loaded correctly. (PPPM-12038)
• An update from Plesk Onyx to Plesk Obsidian is now blocked and a warning message is shown if Active Directory Domain Controller and Plesk are installed on the same server. Resuming the update with this configuration will break Plesk after the update. (PPP-48660)
• It is now possible to add multiple server headers at once via the CLI by using the -add-web-server-header option with the plesk bin domain --update-web-server-settings <domain_name> command. (PPPM-12031)
• The installation of Microsoft .NET Core 3.1.4 - Windows Server Hosting no longer fails with code 1638 and no longer breaks Plesk. (PPPM-12030)
• Plesk now hides the “Add database” button when the limit of MySQL databases is reached. (PPPM-11939)
• Plesk can now import dumps of very large Microsoft SQL databases without any errors. (PPPM-11996)
• The outdated PHP handlers (versions 5.6 and 7.0) no longer contain custom upload_tmp_dir as their values. (PPP-49179)
• Plesk can now export MySQL 5.1 databases. (PPPM-12002)
• It is now possible to rename a subscription if its mail service was secured with an SSL/TLS certificate generated in Plesk (for example, a Let’s Encrypt certificate or a self-signed one). (PPPM-11995)
• It is now possible to change the administrator’s credentials for the Microsoft SQL server in Plesk. (PPPM-12001)
• Plesk can now use the custom DumpTempDir value for temporary backup files. (PPPM-11935)
• After an attempt to install WordPress via Applications on a server that has disabled PHP handlers and MySQL, a clear error message is now shown instead of an HTTP error 500. (PPPM-10705)
• Plesk now backs up unassailable log files without warning messages. (PPPM-10885)
• PowerShell scheduled tasks now work in Plesk on Windows Server 2019. (PPPM-11321)
• It is now possible to rename a database user of the remote Microsoft SQL database in the Plesk interface. (PPPM-12059)

Third-Party Component Updates

Linux

• Updated Roundcube to version 1.4.6.
• Updated Horde to version 5.2.23.
• Updated Dovecot to version 2.3.10.1.

Windows

• Updated ASP.NET Core 3.1 to version 3.1.15.
• Updated ASP.NET Core 2.1 to version 2.1.19.
• Updated MariaDB to version 10.3.23 (both for the Plesk database and for customers’ websites).
• Updated MariaDB Connector/C to 3.1.8.
• Updated BIND to version 9.16.3.
• Updated Node.js 12 to versions 12.18.0.
• Updated Node.js 10 to versions 10.21.0.
• Fixed a severe vulnerability in myLittleAdmin.

• Website configs are now regenerated if Plesk had previous upgrades from version 11 or earlier. (PPPM-11952)
• Added certain translations that were missing from Plesk 18.0.27. (PPP-49052)

Linux

• Enabling Plesk Firewall no longer crashes the sw-cp-server service. (PPPM-9966)
• Multiple sw-cp-server restarts no longer cause Plesk downtime on Ubuntu 18.04. (PPP-49063)
• Plesk Obsidian can be now updated to version 18.0.27 without the “20200423164000-create_stored_sslmng_configuration” warning being shown. (PPPM-11943)
• Hosting settings can now be changed if the sysuser login has more than 20 characters. (PPPM-11955)

• The GD library shipped with Plesk PHP packages now supports WebP.
• Fixed inconsistencies found in the Plesk database before initializing Plesk.
• Subscription backups are no longer created in invalid state if there are improper values in the ‘protected_dirs’ table in the Plesk database.(PPPM-11889)
• In German locale, on the administrator’s home page, a number of words are now displayed in German instead of English. (PPPM-11887)

• It is now possible to configure which TLS version to use when creating backups in FTP storage by adding the following lines to the panel.ini file: (PPPM-11906)

  [pmm]
  ftpMaxTlsVersion = 12
  

• It is now possible to hide the “Cookies” link found on the login screen by adding the following lines to the panel.ini file: (PPPM-11808)

  [gdpr]
  cookieSettings.loginFormEntrypointEnabled = false
  

• The File Sharing and Bandwidth Limiting (mod_bw) components have been deprecated and will be removed soon. Learn more.
• In a number of non-English locales, the database export progress dialog messages are now shown in the corresponding language instead of English. (PPPM-11875)
• On servers with the “Skins and Color Schemes” extension installed and enabled and a custom skin installed, logging in to Plesk and refreshing the page no longer resets the skin to the default one. (PPPM-11831)
• Operations in Plesk no longer sometimes fail with the “Integrity constraint violation: 1062 Duplicate entry for key ‘PRIMARY’” error. (PPP-48787)
• Creating a backup in Amazon S3 storage no longer produces unhelpful error messages in case of failure. (EXTPLESK-1742)
• Restoring a customer account from backup no longer fails if the customer’s password is missing from the backup. (PPPM-11867)

Linux

• Updating Plesk no longer results in system packages and installed extensions being updated as well, which should decrease the number of failed updates.

• It is now possible to enable beta support for dynamic IP addresses by adding the following lines to the panel.ini file (not recommended for use in production, please report any issues you encounter on the Plesk Forum):

  [network]
  dynamic_ipv6 = on
  

• Using Dovecot on Plesk servers deployed on LXC no longer results in errors. (PPPM-11878)
• The plesk repair web <domain.tld> no longer reports all domains without physical hosting as having problems. (PPPM-10907)
• The plesk repair web <domain.tld> now correctly repairs web server configuration issues for domains without physical hosting. (PPPM-10907)
• Under specific circumstances, Plesk no longer fails to detect the main IP address on the server. (PPPM-11484)
• On Red Hat Enterprise Linux 8 and CentOS 8 servers, installing Plesk now finishes successfully if the chsh utility is missing from the server. (PPP-48847)
• PostgreSQL database server is shown in “Tools & Settings” > “Database Servers” even if it is not started or initialized. (PPP-48341)
• Enabling a disabled Fail2ban jail no longer results in misleading errors being written to the ‘/var/log/fail2ban.log’ file. (PPPM-8105)
• Running the apache2ctl -t or systemctl restart httpd commands after creating a certificate for a domain via the Let’s Encrypt extension and the removing the ‘*-ca.crt’ part no longer breaks Apache configuration.(PPPM-11899)
• On Red Hat Enterprise Linux and CentOS servers, constants for selecting SSL/TLS versions are now available in PHP shipped with Plesk. (PPPM-11904)
• Running the plesk repair web -y command now correctly fixes Apache configuration if the ‘*-ca.crt’ part of SSL/TLS certificate is missing for one or more domains. (PPP-48798)
• Trying to log in over FTPS using an incorrect password for an existing user no longer results in the connection being reset due to ProFTPd experiencing a segfault. (PPPM-11866)
• On Red Hat Enterprise Linux 8 and CentOS 8 servers, the Postfix service no longer fails to start. (PPP-48637)
• On CloudLinux 7 servers, installing Plesk with Phusion Passenger, installing and configuring CageFS, and then installing the passenger-cagefs package no longer fails with the “clcommon.cagefs python module is unavailable” error. (PPPM-11922)

Windows

• Running the plesk repair fs command now also checks for missing, corrupted or outdated Plesk files.
• The plesk sbin websrvmng --configure-plesk-website command no longer fails if an “application/octet-stream” MIME type for the .* file extension exists on the server. (PPP-48654)
• Publishing a site snapshot in Web Presence Builder no longer results in an error if the “Enable Win32 long paths” policy is disabled on the server. (PPPM-10611)
• Restoring a backup when there is not enough free disk space on the server now results in a more helpful error message. (PPPM-11912)
• PHP scripts using the file_get_contents() function no longer fail with the “Warning: file_get_contents(): SSL operation failed with code 1.” error. (PPPM-11909)
• On Plesk servers with SmarterMail installed, mail content for newly created domains is now correctly stored in the “C:\SmarterMail\Domains\example.com” directory instead of “C:\SmarterMail\Domains\Domains\example.com”. (PPPM-11659)

Third-Party Component Updates

• Updated Horde to version 5.2.22.

Linux

• Updated OpenSSL used by nginx to version 1.1.1g.

Windows

• Updated SpamAssassin to version 3.4.4.
• Updated OWASP ModSecurity CRS to version 3.2.0.
• Updated MariaDB to version 10.3.22 (both for the Plesk database and for customers’ websites).
• Updated plesk-engine PHP to version 7.3.17.
• Updated Git to version 2.26.2.

• Plesk now supports CentOS 7.8. (PPPM-11893)

• With this update (18.0.26) Plesk Obsidian is now considered to be a “stable” (late adopter) release.

  Late adopter release. By the time this tier becomes available, the latest Plesk version has been out long enough to have most of its nagging issues discovered and fixed. You can be certain that the Plesk version you are about to install has already been used in production environments for some time, and there are no major issues that could compromise the stability of your Plesk servers.

• Which domain to use to access Plesk via the standard HTTPS port can now be configured via the Plesk GUI. Go to Tools & Settings and look for Customize Plesk URL (under “General Settings”).
• Domains with the “Forwarding” hosting type now support HTTPS. The support for securing such domains with Let’s Encrypt certificates via the Let’s Encrypt extension will be added later. (PPP-42238)
• Plesk interface no longer partially fails to load on Plesk Obsidian servers protected by CloudFlare with RocketLoader enabled. Still, we do not recommend using RocketLoader with Plesk, as not only it will not speed up UI rendering, but may slow it down and cause UI to flicker.

• Certain Plesk features (Web Users, Web Presence Builder, and Website Copying) that are hidden in Dynamic View by default can now be returned to the Plesk interface by adding the following lines to the panel.ini file:

  [dynamicList]
  enableFeatures = webusers, sitebuilder, sitecopy
  

• Updated xdebug to version 2.9.4.
• Updated uuid to version 1.1.0.
• Updated sw-engine to version 2.27.6.
• Updated sw-engine PHP to version 7.3.16.
• The File Sharing and Bandwidth Limiting (mod_bw) components will be deprecated in the next Plesk Obsidian release (18.0.27). Learn more.
• The “PHP Settings” button is no longer missing in Power User view on Plesk servers with the Restricted Mode turned on, “PHP version and handler management” enabled, and “Hosting settings management”, “Common PHP settings management”, and “Setup of potentially insecure web scripting options that override provider’s policy” disabled. (PPPM-11542)
• The “Activate the mail service” checkbox is no longer shown to customers during domain creation if their service plan does not include access to mail. (PPPM-11626)
• The date of the last backup is once again correctly written to the “BackupsSettings” table of the Plesk database. (PPPM-11721)
• Scheduled backups are now properly stored for X weeks instead of X days (X is determined by the value of the “Keep backup files for X weeks” option). (PPPM-11796)
• Full backups are no longer created instead of incremental ones if the server hostname contains one or more uppercase characters. (PPPM-11825)
• Browsing the Application Vault no longer results in the “Package with UID ‘’ not found” error. (PPP-48152)
• Storing a backup on Microsoft One Drive no longer fails if One Drive erroneously reports 0 GB free space remaining and the “Start the backup only if your server has the sufficient amount of free disk space” option is enabled. (EXTPLESK-1716)
• The pleskrestore utility can now be called via REST API. (EXTREST-112)

Linux

• Added the ability to set priority for backup processes. Go to Tools & Settings > Backup Manager (under “Tools & Resources”), click “Settings” and look for the “Run scheduled backup processes with low priority” and “Run all backup processes with low priority” options. (PPPM-10734)
• On Ubuntu 16.04 x64 servers, the installed iptables version is now returned correctly. (PPPM-9487)
• Running plesk repair db -y on a newly installed Plesk Obsidian server that has not yet been initialized no longer makes later attempts to initialize the server fail. (PPPM-11446)
• Changing a customer’s password no longer results in the “The external email address matches the primary one” error if the “Enable mail management functions in Plesk” option is disabled in Tools & Settings > Mail Server Settings (under “Mail”). (PPPM-11745)
• Custom error pages are now displayed correctly for domains served by nginx only. (PPPM-11748)
• Domains can now be added to the mail server blacklist if the Plesk interface language is set to German. (PPPM-11766)
• Read email messages fetched via the POP3 protocol are no longer marked as new after switching from Courier 5 to Dovecot. (PPPM-11776)
• On newly installed Plesk Obsidian servers the server IP address is now automatically added to the Fail2Ban trusted IP addresses list. (PPPM-11777)
• On CentOS 8 x64 servers, checking the status of the firewall via the systemctl status psa-firewall command no longer results in an error. (PPPM-11795)
• Updating Plesk no longer makes the names of some mail folders to become unreadable. (PPPM-11801, PPPM-11807)
• On Plesk servers using apache in tandem with nginx, clients’ IP addresses are now correctly logged in /var/log/httpd/access_log instead of the server’s IP address. (PPP-38930)
• Plesk servers with Plesk Premium Antivirus installed no longer send the admin an email warning them of the “Dr.Web Updater: failed to download files” error every time scheduled tasks are processed. (PPP-45087)
• nginx no longer returns the “504 Gateway Timeout” error when processing slow PHP scripts. (PPP-45489)
• Plesk no longer produces the “PHP Notice: Undefined variable: locale” error under specific circumstances. (PPP-48212)
• On CentOS 8 x64 and Red Hat Enterprise Linux 8 servers, Plesk installation and updates no longer fail if the network connection to the configured CentOS mirror is slow. (PI-658, PPP-48254)
• On CentOS 8 x64 and Red Hat Enterprise Linux 8 servers, Plesk updates no longer fail if certain Python 3 packages are installed on the server. (PPP-48266)

Windows

• Removed obsolete information from the notification shown when securing webmail with an SSL/TLS certificate. (PPPM-6184)
• Creating a backup on a mapped drive via the pleskbackup.exe utility no longer fails with the “The system cannot find the path specified” error. (PPPM-11761)
• Incremental backups now only contain new email messages instead of all email messages. (PPPM-11772)
• Updating Plesk on a server with a Microsoft SQL Server 2017 instance no longer fails. (PPPM-11785)
• Creating a Microsoft SQL Server database no longer fails if the limit on MySQL databases in the Service Plan is reached for the subscription. (PPP-46436)

Third-Party Component Updates

• Updated phpMyAdmin to version 5.0.2.

Linux

• Updated Roundcube to version 1.4.3. The “Elastic” responsive skin with full mobile device support is now enabled by default.
• Updated OpenSSL used by nginx to version 1.1.1f.
• Updated Dovecot to version 2.3.9.3.
• Updated Horde ActiveSync to version 2.41.3.
• Updated Horde Form to version 2.0.20.
• Updated Horde Image to version 2.6.1.
• Updated Horde Test to version 2.6.4.
• Updated Horde Socket Client to version 2.1.3.

Windows

• Updated .NET Core 3.1 to version 3.1.3.
• Updated .NET Core 2.1 to version 2.1.17.
• .NET Core 3.0 and 2.2 are no longer shipped with Plesk.
• Updated IIS URL Rewrite Module to version 7.2.1993.

Linux

• Fixed conversion to UTF-8 in Plesk with Dovecot when mailnames without mailboxes exist. (PPPM-11757)

• If the limitations on outgoing email messages are turned on in the mail server settings, Outgoing Mail Control no longer reports false positive and false negatives results on the Home screen. (PPP-48115)

Windows

• Mail in the SmarterMail mail server can be now backed up if a mail account’s password was changed via the SmarterMail client. (PPPM-11684)
• Mail in the SmarterMail mail server can be now backed up without the “Unable to back up message Inbox/1.1: Syntax error in ENVELOPE.” warning. (PPPM-11719)

• Plesk now support CentOS 8/RHEL 8 (installation and migration). Note that a number of limitations exist.
• Mail autodiscover now works for Microsoft Outlook 2019/O365 mail clients. (PPPM-11428)
• As a part of GDPR compliance changes: added the cookie information banner shown the first time users log in to Plesk. Users can now also set their cookie preferences in Plesk (using the corresponding button on the banner or going to Tools & Settings > Cookies in Plesk (under “Plesk”)).
• It is now possible to check for Plesk updates on the Home screen.
• Users from areas embargoed under Internal Export and Sanctions Compliance Policy can no longer use Plesk with a trial license. When the users proceed with a trial license, they see a message that Plesk is not currently available in their regions.
• The Plesk default password strength policy is now set to “Strong” on new Plesk Obsidian servers. Existing Plesk servers that were updated to Plesk Obsidian 18.0.25 keep their chosen password strength policies.
• Removed the Cloudflare from Plesk Autoinstaller.
• Retrieving keys now works correctly (a 502 Bad Gateway error is no longer shown) on servers with a large number of customers, resellers, or additional users (more than 700). (PPPM-11672)
• Backing up large databases (more than 50 GB) no longer fails. (PPPM-11535)
• It is now possible to use custom buttons with Dynamic List view. (PPPM-11584)
• Customers and additional users can no longer create subscriptions. (PPPM-11680)
• The server backup can now be created if a customer login contains the forward slash character (“/”). (PPPM-11640)
• A database user whose password is encrypted can now import and export the domain database after providing the database password. (PPPM-7968)
• Extensions with EventListener can no longer break Plesk. (PPPM-11656)
• Plesk email notifications are no longer blocked by SPF in Plesk Obsidian 18.0.23 Update 2 and later. (PPPM-11537)
• The plesk bin pleskbackup server --exclude-domain command can now again exclude domains from a server backup. (PPPM-11695)
• Backing up to FTP storage no longer fails if the destination folder contains non-ASCII characters. (PPPM-11704)
• Headers of Plesk email notifications are now correctly displayed if the sender’s name contains UTF-8 characters. (PPPM-11667)
• Setting IPv6 addresses to none in Web Hosting Access of a domain no longer removes TXT records for the domain. (PPPM-11648)
• A Plesk server created by cloning no longer has an IP address of the template server. (PPPM-11718)

Linux

• Updated sw-engine to PHP 7.3.15.
• The main IP address is now correctly detected even under specific IP configurations. (PPPM-11484)
• Fixed the issue when, occasionally after Plesk cloning, nginx was not running and IP mapping was incorrect. (PPPM-11701)
• It is now possible to restore backups that have a mailing list without its owner. (PPP-47723)
• Plesk on a Lenovo Cloud server is no longer detected as a dedicated server. (PPPM-11660)
• Subscription backups can now be created and stored in an NFS storage. (PPP-46555)
• Mail folders whose names contain umlauts (ä, ö, ü) are now displayed correctly after update from Plesk Onyx to Plesk Obsidian. (PPPM-11200)
• The check on SMTP ports 25 and 587 can no longer return false-positive results. (PPPM-11528)
• It is now possible to create a scheduled backup of a subscription with an add-on domain is the main subscription’s domain is suspended. (PPPM-11698)
• A server backup can now be restored without the “An error occurred while setting MAPS zones:” error message if more that one zone was set. (PPPM-11609)
• Deleting the CA part of an SSL/TLS certificate no longer causes an error. (PPPM-5892)
• Installing Plesk via https://get.plesk.com no longer fails with the “Installation to the host has been already started” error if there has been an aborted or unsuccessful attempt to install Plesk on a server with the same IP address in the past. (PPPM-11275)

Windows

• Maintenance mode is now turned on immediately when the cloning tool is executed.
• Subscriptions with the SmarterMail mail server can be now backed up correctly without multiple warning messages. (PPPM-11682)
• IIS logs are now rotated. (PPPM-11651)
• Numerous interface_async_executor.exe processes no longer hinder Plesk work because their number is now limited. (PPPM-11677)
• Technical reports are now correctly created and, if any issues happen, they are clearly reported. (PPPM-11644)

Third-Party Component Updates

Linux

• Updated ProFTPD to version 1.3.6c, which includes a fix for a security issue. We strongly recommend that you update Plesk.

Windows

• Microsoft Drivers for PHP for SQL Server are now shipped with PHP 7.4.
• Updated Microsoft ODBC Driver 17 for SQL Server to version 17.5.1.1.

• Updating Plesk Onyx to Plesk Obsidian now also replaces the old default pages with brand new ones introduced in Plesk Obsidian 18.0.21 (unless the default pages have been customized, in which case they are not replaced).

• Plesk Administrator can now force all subscriptions to only use the Dynamic, Active, or Classic list by adding the following lines to the panel.ini file:

  [navigation]
  forceWebsiteList = dynamic (or = active, or = classic)
  

  It is also possible to hide one or more options from the list:

  [navigation]
  hideWebsiteList = active, classic
  

• The FileServer component is no longer supported. It will no longer be installed on new Plesk Obsidian servers, but updating to Plesk Obsidian 18.0.24 will not affect this component if it was already installed.
• A new SDK method pm_Domain::getHostingParam has been introduced. It is used for retrieving information about hosting settings of domains. The method enables user-created extensions to use SDK instead of API RPC or direct database queries.
• File indexing was improved for the purposes of creating backups. Plesk no longer tries to include removed files in backups. (PPPM-6486)
• When moving addon domains between subscriptions, users are now warned that any databases owned by those domains must be reassigned manually.
• .webp files can now be used with the plesk bin branding_theme utility to apply custom themes to Plesk Obsidian. (PPPM-11426)
• Accidentally removed SSL/TLS certificates are now automatically restored from the Plesk database when a domain’s hosting settings are changed.
• Backing up a subscription with one or more mail accounts with the autoresponder enabled no longer results in the “Unable to back up autoresponder settings.” error if no mail server is installed. (PPP-47307)
• Plesk no longer allows the creation of non-TXT DNS records containing the underscore (“_”) character. Having one or more such records in a DNS zone hosted in Plesk caused the bind DNS server fail to start. (PPPM-11448)
• Email notifications sent by Plesk servers no longer contain the duplicate “Content-Type” header, which caused them to be bounced during local delivery. (PPPM-11530)
• Dumps of MySQL databases are now correctly included in server-wide Plesk backups. (PPPM-11575)
• Creating a backup no longer fails if usernames of one or more clients being backed up contain the ampersand (“&”) character. (PPP-47205)
• Passive mode is now turned on by default in the FTP storage settings. (PPPM-11461)
• Creating a full server backup no longer produces misleading error messages if the cuBackupRestoreHelper.php file is corrupted. (PPP-47304)
• Backing up a subscription no longer results in an invalid backup if the subscription’s DNS zone contains one or more DNS records of the type “none”. (PPP-47209)
• Backing up a subscription no longer fails if one or more files or directories owned by the subscription could not be read at the time of backup creation (Note: unreadable files and directories are not included in the resulting backup). (PPP-47164)
• Creating a full server backup no longer results in an invalid backup if certain fields in the backup properties have empty values. (PPP-47207)
• Plesk email notifications are now shown in Thunderbird 68.4.2. (PPP-47282)
• It is now possible to upload a file whose name contains square brackets ([ or ]) via File Manager. (PPPM-5294)
• Replaced the “Call to a member function getErrorObjects() on null” error message with a more meaningful one when a backup, under certain circumstances, fails to be created. (PPP-47502)
• It is no longer possible to secure anything with an invalid SSL/TLS certificate whose *.crt part is missing. (PPPM-11458)
• If the mail service for a domain or a subscription (for example, example.com) is disabled, the plesk bin subscription -i example.com command no longer fails. (PPP-45257)
• A directory with the “0” name can now be opened in File Manager. (PPPM-11541)
• A reseller can now install an SSL/TLS certificate via an XML-RPC request without specifying the ip_address option value. (PPPM-11577)
• Updating to Plesk Obsidian now preserves a custom branding and color scheme (if it is set) and no longer changes it to the default Obsidian color scheme. (PPPM-11511)
• If the DNS component is not installed, running the plesk repair all -y command no longer shows the “The NS configuration file … is absent” error. (PPPM-11479)
• Access from property now works again in API RPC. (PPPM-11559)
• Removing an IPv6 IP address registered in Plesk no longer fails with the “Cannot remove the IP address” error. (PPPM-3818)

Linux

• Accessing AWStats data for domains hosted in Plesk no longer results in the “404 Not Found” error. (PPPM-11342)
• Creating a backup on a Plesk Server with the “Acronis Backup” extension installed no longer results in the “Not all the data from /usr/local/psa/var/modules/acronis-backup/ was backed up successfully.” error. (PPPM-11587)
• Creating a backup on a Plesk Server with the “Fail2Ban” component removed no longer results in an unnecessary warning. (PPPM-11521)
• Restoring a subscription no longer results in a warning if the subscription’s system user is using the “bash (chrooted)” shell and the chrooted template has been customized. (PPPM-11515)
• Downloading a large backup file (10 GB or more) from Plesk no longer fails with the the “Network Error” message shown in a browser. (PPP-44962)
• The issue with the plesk repair utility that could not fix issues with the missing libmyodbc5.so package is no longer relevant because Plesk now uses its own plesk-libmaodbc driver. (PPP-37827)
• “Mail for Non-Existent Users” can now be enabled even if the “Bounce with message” text field is empty. (PPPM-11556)
• When restoring a number of domains from a backup, SSL/TLS certificates that secure these domains are now also restored. (PPPM-9686)
• Webserver Configuration Troubleshooter no longer shows that some configs are broken when they are actually not after reconfiguration (for example, after domain’s hosting settings were changed but these changes did not propagate yet). (PPPM-6752)
• Plesk now shows an explicit message what to do with custom web server configuration templates (if any) during update to Plesk Obsidian. (PPPM-11580)
• SSL/TLS certificates from Let’s Encrypt can now be used for client certificate authorization. (PPPM-11544)
• Custom error pages now work when nginx-only hosting is enabled. (PPPM-8889)
• On Ubuntu and Debian, the plesk repair utility no longer hangs in case of apt-get returning an error. (PPPM-10348)

Windows

• Node.js 12 is now supported.
• The maximum allowed length of FTP users’ logins was increased to 20 characters.
• Long tasks now fail with an error message instead of silently getting stuck and never starting if the psaadm and Plesk Administrator users are assigned the “Deny log on as a batch job” security policy. (PPPM-11429)
• Backing up a subscription no longer results in an error message if one or more files owned by the subscription are deleted as the subscription is being backed up. (PPP-47210)
• When Plesk is set up with a remote SmarterMail server, backing up a subscription with mailboxes no longer shows the “Provider ‘SmarterMail Remote’ cannot list mail mesages.” warning. (PPP-47305)
• Calculating web statistics of the parent domain no longer fails with the “The system cannot find the path specified. (Error code 3)” error after a browsed add-on domain of the parent domain was deleted. (PPPM-11456)
• Creating a new domain or enabling the mail service on the existing domain no longer occasionally fails with the “mailmng failed: Loaded Postoffice Configuration Provider (MEAIPO.DLL) MEAOPO.PostOffice.AddPostOffice failed” error. (PPP-42721)
• Plesk Reconfigurator now allows to change the virtual hosts location to a directory on a disk volume with the ReFS partition. (PPP-46513)
• The rotation date of the php_error.log file of a domain is now counted based on the file creation date. (PPPM-11104)
• The SpamAssassin training is now completed without any issues even some emails contain non-UTF-8 characters. (PPPM-11456)
• If an IPv6 address goes before an IPv4 one in the database, the plesk repair ftp command run for a domain no longer shows the “The domain name … resolves to another IP address” warning. (PPPM-11405)

Third-Party Component Updates

Windows

• Updated MySQL ODBC connector 5.3 to version 5.3.14.
• Updated Node.js 12 to version 12.14.1

• Plesk no longer “forgets” the IP address selected as the address to send mail from in “Tools & Settings” > “Mail Service Settings” > “Outgoing mail mode”. (PPPM-11533)
• Backing up one or more subscriptions no longer results in an invalid backup if certain information related to those subscriptions is missing from the Plesk database. (PPPM-11564)

Linux

• Backing up one or more subscriptions with one or more capital letters in the name (for example, “Example.Com”) no longer results in an error message. (PPP-47446)

Windows

• Backing up one or more subscriptions with wildcard subdomain no longer fails with the “Exception: PHP Warning: mkdir(): Invalid path” error. (PPP-47443)

• Backing up a subscription when the logs folder of the subscription’s domain is deleted no longer shows an unnecessary warning message. (PPP-47351)
• Backing up a subscription when the statistics folder of the subscription’s domain is deleted no longer shows an unnecessary warning message. (PPP-47352)
• Backing up a server when the extensions’ data folders are deleted (for example, the /usr/local/psa/var/modules/patchman folder) no longer shows an unnecessary warning message. (PPP-47353)
• Backing up a subscription when its DKIM spam protection is turned on but the corresponding domain keys are missing (for example, because the DNS support is turned off) no longer shows an unnecessary warning message. (PPPM-11503)
• A server backup no longer fails when the TmplData table of a server reseller plan contains the ‘phpSettingsId’ setting. (PPP-47356)
• Domains can be now removed after switching from the Dynamic List to the Classic List view. (PPP-47098)

Linux

• DKIM and DMARC can be now enabled for a server whether the DNS component is installed or not. (PPP-47270)

Linux

• On Plesk servers without an installed DNS server, updating to Plesk Obsidian 18.0.23 no longer results in an internal error when trying to access mail setting. (PPPM-11478)

• Fixed an issue that prevented some Plesk Obsidian 18.0.20 servers from updating. (PPP-46986)

• Webmail for domains with no physical hosting can now be secured with SSL/TLS certificates. Support for securing such domains with Let’s Encrypt certificates via SSL It! will come at a later date.
• Support for Apple Mail was added to the “Configure Email Client” page.
• Plesk administrator can now specify a custom domain name for mail autodiscover in “Tools & Settings” > “Mail Server Settings”.
• Mobile configuration files generated in Plesk to enable mail autodiscover are now signed with the domain’s or the server’s SSL/TLS certificate.
• Redesigned the Plesk notifications’ interface with improved navigation and better placement of Call to Action buttons in mind.
• Improved the templates used by Plesk notifications sent via email by adding paragraphs and HTML formatting.
• Plesk now automatically checks whether the SMTP ports 25 and 587 used for sending mail are filtered. If they are, notifications are shown in the Plesk interface (in “Tools & Settings” > “Mail Server Settings” > “Settings” and “Subscriptions” > “Mail” tab > “Mail Settings”).
• Changed the presentation of long running tasks in the Plesk UI.
• Updated the Dynamic View to make it render better on mobile devices.
• When configuring minimum password strength for the server, ‘Very Weak’, ‘Weak’, and ‘Medium’ choices are clearly marked as not recommended.
• Added PHP 7.4 to the Recommended preset and removed PHP 7.2 from the Recommended preset. Removed PHP 7.1 from the Full preset.
• The “Server Error” screen has been updated to better match the Plesk Obsidian look and feel.
• Plesk resellers can now use the XML API “certificate” operator to generate, install, and remove SSL/TLS certificates.
• Users switching from a trial license to a paid one will now be asked to fill a short feedback form to let us know what motivated them to become a customer. This information will help us better tailor our offering to the customers’ needs and expectations.
• Users that have been using Plesk Obsidian for at least 30 days will now be asked to fill a short feedback form to let us know their thoughts and opinions on Plesk Obsidian. This information will help us better tailor our offering to the customers’ needs and expectations.
• Creating a backup in the FTP storage if the available disk space is insufficient now clearly indicates how much disk space is required for the backup to finish. (PPPM-11389)
• Subdomains for domains with names in punycode can now be created via XML API. (PPPM-11381)
• Creating a dump of a database whose size exceeds the amount of RAM on the server no longer fails. (PPPM-11361)
• It is now possible to switch to Power User view and back in Plesk Mobile application. (PPP-45080)
• The length of the user name provided as an argument is now validated by all CLI utilities, avoiding situations where the execution of some utilities failed midway because the provided user name was too long. (PPPM-11393)
• Exporting a database dump and closing the corresponding notification no longer results in the dump being downloaded for the second time if the “Automatically download dump after creation” option is enabled.(PPPM-11385)
• Domains not owned by the currently selected subscription are not shown to the Plesk administrator in Power User view when using the Classic list and when the total number of subscriptions owned by the Plesk administrator exceeds the limit (100 by default). (PPP-46050)
• The error message that appears when domain creation fails because a subdomain with the name ‘webmail.' already exists in Plesk now clearly states the reason for the failure. (PPPM-11411)
• Trying to contact Plesk support via ‘Tools & Settings’ > ‘Assistance and Troubleshooting’ > ‘Support’ no longer results in a ‘HTTP 403 Forbidden’ error. (PPPM-11421)

• You can now disable the creation of the ‘.ftpaccess’ file when creating backups to the FTP repository by adding the following lines to the panel.ini file: (PPPM-11436)

  [pmm]
  ftpForbidFtpaccessFileCreation = 1
  

• Importing a custom Plesk theme no longer results in misleading warning messages being shown. (PPP-47049)
• Searching for a domain name in Power User view now works as expected (click the domain name to open it) if the total number of domains exceeds the limit configured in panel.ini. (PPPM-11391)
• Customers can no longer attempt to delete backups created by the Administrator (because such backups can only be deleted by the Administrator). (PPPM-10982)
• HTTP POST requests to domains secured with an SSL/TLS certificate and with SEO redirect from HTTP to HTTPS enabled are no longer automatically converted to GET requests. (PPPM-11284)
• The built-in code editor now works correctly if the Plesk locale is set to Arabic or Hebrew. (UILIB-746)
• Updating a Plesk instance using a custom skin to Plesk Obsidian no longer results in a broken skin. Instead, the custom skin is replaced with the default Obsidian skin. (PPP-45324)
• Additional FTP accounts for domains that are disabled can now log in to the server via FTP. (PPP-46062)
• Updating to Plesk Obsidian no longer produces the “getSettings() must be of the type array, null returned” error. (PPP-46354)
• On Plesk Obsidian servers with the “Subscription expiration” event enabled, Plesk now sends a single email listing all expired subscription once per day instead of sending a separate email for each expired subscription. (PPP-46442)
• Searching for domains on mobile no longer results in an error. (PPP-46556)

Linux

• Emails sent via sendmail (including auto-reply) now have a DKIM signature (if DKIM signing is enabled server-wide and for the sender’s domain).
• When updating Plesk, Plesk installer now checks for issues with missing dependencies and duplicated packages before starting the update.
• On Debian 9 servers, Plesk and extension updates no longer fail if some other apt-get or dpkg operation is running at the same time on the server. (PPP-46130, PI-616)
• The ‘postfix’ service no longer randomly fails to start after updating the Plesk ‘postfix’ package. (PPPM-11334)
• Restoring DNS zones from Plesk backups no longer randomly fails with the ‘Unable to manage DNS features: DNS does not return features list’ error. (PPPM-11379)
• DMARC checks no longer result in a segmentation fault under specific circumstances, which caused errors to be written to the logs and temporary files not being cleaned up. (PPPM-10547, PPPM-7166)
• Restoring a website with Drupal installed via the Application Catalog from a backup in Plesk no longer results in Drupal being inoperable. (PPPM-11382)
• The ‘httpsd_access_log’ file is now rotated correctly according to the log rotation settings. Note: a number of Plesk logs are now rotated by the system logrotate (configured in /etc/logrotate.d/plesk). (PPPM-11236)
• The ‘Mailing List’ button is no longer shown in Dynamic List view if the ‘Mailman’ component is not installed on the server. (PPPM-11409)
• Backups stored in the FTP repository are now rotated in accordance with the rotation settings if backup rotation is enabled. (PPPM-10468, PPPM-11418)
• HTTP > HTTPS redirect now works correctly for domains that are configured to be used to access Plesk. (PPPM-11407)
• Changes made to the panel.ini file no longer take time to come into effect. (PPPM-11413)
• Images accompanying the Dynamic List tour are now shown on Plesk servers that use a custom theme. (PPP-47050)
• Plesk Installer no longer fails on CentOS 7 based Google Cloud instances with OS Login enabled. (PI-607)
• Website Copying via FTP now correctly copies files with one or more “%” characters in the path. (PPP-44238)
• White space characters in the SPF explanation text specified in “Tools & Settings” > “Mail Server Settings” are no longer replaced with the “%” character. (PPP-44640)
• Entries in the web server logs containing long URLs with many special characters no longer cause the Log Browser display the logs as blank. (PPP-45326)
• Plesk Installer now properly checks if the /var partition has enough free disk space before installing or updating Plesk. (PPP-45791)
• Restoring a Plesk backup no longer randomly produces warnings due to the nginx restart rate getting exceeded. (PPP-46099)
• The default SPF check failure message no longer contains an outdated link to http://www.openspf.org/ which is no longer operational. (PPP-46173)
• Obsolete files stored in the /usr/local/psa/handlers/spool/ directory are now cleaned out on a regular basis. (PPP-46178)
• Kaspersky Anti-Virus heuristics are now enabled by default. (PPP-46203)
• Mailbox quota warning now works as expected after it is disabled and then enabled again in “Tools & Settings” > “Mail Server Settings”. (PPP-46278)
• Updating to Plesk Obsidian no longer produces the “/usr/local/psa/bootstrapper/components/management-node.sh: line 1588: -D: command not found” error. (PPP-46386)
• On CentOS 6 servers, the misleading “Information on some packages might not be actual: inconsistencies were detected in the system’s package manager database.” warning is no longer shown in “Tools & Settings” > “System Updates”. (PPP-46395)
• Correct memory usage is now shown on the “Tools & Settings” > “Server Information” page. (PPP-46397)
• Plesk backups no longer fail on servers with sql-mode=ANSI specified in the /etc/my.cnf configuration file. (PPP-46398)
• On CentOS 7 servers, website logs are no longer processed by the backup manager if the “exclude log files” option is selected during backup. (PPP-46464)
• Backing up and restoring a subscription with the “Use DKIM spam protection system to sign outgoing email messages” option enabled no longer results in the “Domain has no NS DNS record.” error. (PPP-46509)
• On Ubuntu 16 and Ubuntu 18 servers, files created by scheduled cron tasks running under the psaadm user are now assigned the ‘644’ file system permissions instead of ‘664’ permissions. (PPP-46609)

Windows

• ASP.NET Core 3.0 is now supported.
• Microsoft SQL Server 2019 is now supported.

• Added the ability to simultaneously fix the permissions for a folder as well as every other folder in the path via the plesk bin repair CLI utility:

  plesk bin repair --directory-permissions -directory "<path to the folder>" -fix-parent-dirs
  

• Temporary files generated by PHP FastCGI processes are now stored in a separate folder inside the corresponding domain’s webroot directory.
• Cloning a Plesk server now takes significantly less time. In addition, after cloning a server, the latest updates are automatically installed on the newly created server.
• The information about default documents is no longer stored in individual websites’ ‘applicationHost.config’ files, unless the default documents were modified.
• Creating a backup in Plesk no longer results in the ‘[Errno 13] Permission denied’ error. (PPPM-11374)
• Restoring individual files from a Plesk backup after logging in to Plesk via the TCP port 443 no longer results in the ‘Warning: Permission Denied’ error. (PPP-46715)
• Restoring large (1 GB or more) Microsoft SQL Server databases from a Plesk backup no longer results in the ‘Execution Timeout Expired’ error. (PPPM-11359)
• Website preview no longer fails with the “HTTP Error 404 Not Found” if access to Plesk via the TCP port 443 is enabled on the server. (PPPM-11406)
• Syncing a subscription with a customized value of the “The maximum number of worker processes” parameter with its service plan no longer fails. (PPPM-11388)
• Switching the Plesk mail server to SmarterMail no longer fails if one or more network adapters on the server are disabled. (PPPM-11348)
• Files uploaded via WordPress are now assigned the correct file system permissions. (PPPM-4539)
• Clicking “Dedicated IIS Application Pool for Website” no longer results in the “Unable to manage the IIS application pool because all websites are using a single dedicated application pool.” error on Plesk servers with the “Tools & Settings” > “IIS Application Pool” > “Global Settings” > “Assignment and placement policy” option set to “Always assign one application pool to each subscription”. (PPP-45368)
• Plesk backups are now properly compressed and take less disk space than the content that was backed up. (PPP-46132)
• Plesk email notifications sent to external email addresses no longer fail DKIM validation checks. (PPP-46140)
• Sending a technical report to support from the Plesk UI no longer results in the “<html><head></head>” error. (PPP-46487)
• Changes made to IIS configuration during domain creation are now correctly rolled back if domain creation fails. (PPP-46562)
• Switching the mail server from MailEnable to SmarterMail no longer fails if an alias without an email addresses but with the flag “include all domain users” was created in SmaterMail. (PPP-46652)

Third-Party Component Updates

• Updated PHP used by Plesk to version 7.3.13.

Linux

• Updated Postfix to version 3.4.8.
• Updated Dovecot to version 2.3.9.2.

Windows

• Updated Python to version 2.7.17.
• Updated BIND to version 9.14.8.

• Creating an incremental backup in the FTP storage no longer fails. (PPP-46305)
• Separate files can now be restored from a local backup. (PPP-46601)

• PHP 7.4 is now supported.

Linux

• After update to or installation of Plesk Obsidian on CentOS 7, the mail forwarding, the autoresponder, and other mail-related features now work correctly. (PPP-46272)

• After the update to Plesk 18.0.21, the “Tools & Settings” screen in Power User view is no longer endlessly loaded and no JS errors appear in a browser console. (PPP-46229)
• Scheduled backups can now be created if the backups owner locale was not defined (set to null). (PPP-46219)

• Fixed the text in the banner promoting the Dynamic List view. (PPP-46204)

• Added a banner promoting the Dynamic List view, a new and improved way of listing and managing domains in Plesk.
• On new Plesk Obsidian servers, the Dynamic List view is now selected by default.
• Added a guided tour explaining the benefits of the Dynamic List view.
• Verified that the Plesk mail autodiscover feature is fully compatible with the default Android “Mail” application.
• Plesk servers created via cloning now take less time to initialize.
• Changed and clarified the consent form text shown when a user is prompted to subscribe to the Plesk newsletter. Plesk administrator will see the new consent form and the suggestion to subscribe on their next login to Plesk or right after updating to Plesk Obsidian.
• Changed and clarified the consent form text shown when a user is signing up for a Plesk trial.
• Revamped and updated the default pages shown to visitors of domains without hosting, as well as the Plesk default web page.
• Updated PHP used by Plesk to version 7.3.11 to secure Plesk against a vulnerability found in earlier PHP versions.

• The following entry in the panel.ini file now again allows Plesk screens to be shown in iframes (PPP-46101):

  [security]
  sameOriginOnly = false
  

• Removing a subscription with one or more backups and then creating a subscription with the same name and creating a backup under the new subscription no longer results in Plesk reporting the size of the backup as double the real size. (PPP-45254)
• The contents of the Extensions Catalog are now shown correctly when browsing Plesk using Internet Explorer. (PPP-45309)
• Requesting the list of clients via XML API from a Plesk server with no created clients no longer results in the “Specified owner can not have sub objects” error in the response packet. (PPP-44859)
• Creating a database or database user via Plesk UI under a subscription based on a service plan with Default Database Server set to “None” no longer results in the “Db_Table_Exception” error. (PPP-45315)
• Uploading a new license key and specifying a non-English locale by setting up the “def_locale” parameter in KAPC now results in Plesk correctly using the specified locale instead of the English locale. (PPP-45480)
• Accessing the Plesk login page via an IPv6 address no longer results in an error. (PPP-45236)
• When a domain with no hosting is removed, the SSL/TLS certificate it is secured with is now removed as well. (PPP-45353)

Linux

• On Debian 9 and Ubuntu 18 servers, the “Atomic Standard” and “Atomic Advanced” ModSecurity rulesets are again available.
• On newly deployed Ubuntu 18 servers, connections to Plesk are now secured with TLS version 1.3. On Plesk Obsidian servers updated from an earlier Plesk version (including earlier Plesk Obsidian versions), you can secure connections to Plesk with TLS version 1.3 by running the plesk bin server_pref -u -ssl-protocols "TLSv1.2 TLSv1.3" command.
• The plesk-git-http package is no longer removed when upgrading to Plesk Obsidian. (PPP-45301)
• On CentOS 7 servers with the dnf package installed, upgrading to Plesk Obsidian no longer results in an error. (PI-604)
• On CentOS 7 servers, Apache no longer fails to start after installing PHP from OS vendor via Plesk Installer. (PPP-45093)
• Browsing “Tools & Settings” > “Database Servers” > “MariaDB/MySQL” no longer results in an error if one or more directories containing MySQL configuration files are empty. (PPP-45399)
• Firewall rules are now correctly removed from the INPUT chain even if there are in excess of 400 rules already configured for different IP addresses. (PPP-45404)
• Suspending a domain with proxy mode disabled and nginx caching enabled no longer results in an error. (PPP-44915)
• Browsing a suspended domain with proxy mode disabled now correctly displays the “503 service temporarily unavailable” page. (PPP-45413)
• Updating Plesk no longer results in the creation of a new phpMyAdmin database. (PPP-46039)
• Running the plesk bin ipmanage --ip_list command no longer results in web server reconfiguration. (PPP-46053)
• Updating hosting settings for a domain no longer results in the webmail configuration files being removed and then re-generated. (PPP-46055)

Windows

• On Plesk servers with one or more remote Microsoft SQL servers servers configured, browsing the “Tools & Settings” > “Database Servers” page and its subpages no longer takes a long time to load. (PPP-44032)
• Browsing “Tools & Settings” > “Updates and Upgrade” no longer results in an endless loading loop if an instance of Plesk Installer is already running on the server. (PPP-45051)
• Plesk Installer no longer fails with an error if it is unable to remove one or more subfolders. (PI-605)
• Failed Plesk upgrades no longer leave Plesk in a disabled state. (PPP-45065)
• Some APS applications no longer fail due to inability to use ADO connections on Plesk servers. (PPP-45415)
• Upgrading Plesk no longer fails if the path specified by the PRODUCT_ROOT_D variable uses one or more upper-case letters where lower-case letters should be, or vice versa (for example, specifying the drive letter as “c:" instead of “C:"). (PPP-45456)
• Backing up a domain with custom error documents enabled no longer results in an error if the “error_docs” folder for the domain is removed. (PPP-44525)
• Backing up a subscription no longer results in the “Element ‘vhost’: This element is not expected. Expected is ( vdir )” error. (PPP-46051)
• The names of the files generated when Failed Requests Tracing is enabled for a domain are no longer garbled in the Plesk interface. (PPP-46117)

Third-Party Component Updates

Linux

• Updated Horde to version 5.2.21.
• Updated IMP to version 6.2.24.1.
• Updated Ingo to version 3.2.16.
• Updated Kronolith to version 4.2.27.
• Updated Mnemo to version 4.2.14.
• Updated Passwd to version 5.0.7.
• Updated Pear to version 1.10.9.
• Updated Turba to version 4.2.25.

Windows

• Updated Microsoft Visual C++ 2017 Redistributable to version 14.16.27033.

Linux

• The contents of mailboxes on Plesk servers with Horde and Courier-IMAP 5 installed are now displayed correctly. (PPP-45268)
• Plesk servers with ProFTPD 1.3.6 installed are no longer vulnerable to denial of service attacks. (PPP-45349)

• When the Dynamic List view is chosen, opening the drop-down menu next to a domain to remove that domain no longer results in the menu remaining expanded indefinitely. (PPP-44499)

Linux

• Plesk no longer sends the Plesk administrator hourly cronjob failure notifications if one or more PHP extensions fails to load. (PPP-45265)

Windows

• Trying to manage mail accounts for a domain no longer results in an error if the domain has one or more subdomains and SmarterMail 100 is used as the default mail server. (PPP-45072)

• Plesk administrators can now specify the desired weekdays and time range when Plesk auto-updates are installed.
• Mail autodiscover can be now turned on and off for particular service plans.
• Set “Comodo (free)” as the default ModSecurity rule set. On OSes where “Comodo (free)” is absent, the default rule set will be “OWASP (free)”.
• Added pagination to the Dynamic List view mode.
• The Plesk default password strength policy will be set to “Strong” starting from November 19th, 2019. See the details.
• Improved the load speed of screenshots of websites’ landing pages in the Dynamic List view mode.
• Returned to the three-digit versioning scheme (x.y.z), where an update is specified as a separate number, for example, Plesk 18.0.19 Update 2.
• Backups upload to the Microsoft OneDrive storage no longer occasionally fails. (EXTPLESK-856, EXTPLESK-1147)
• If subscriptions of several owners exceeded the allowed disk space, owners now receive their own separate email notifications about the resources overuse. (PPP-44528)
• Fixed automatic logging in to Plesk: the success_redirect_url parameter now again accepts a relative URL path. (PPP-44681)
• Plesk administrators can now again install APS applications even if the administrators do not have their own subscriptions. (PPP-44635)
• The “Mailing Lists” is no longer shown if Mailman is not installed. (PPP-44524)
• It is now again possible to set a system user’s password via an API-RPC request. (PPP-44614)
• Users can now again restore specific objects (a subscription, a mailbox, and so on) from a backup if the backup size exceeds 4 GB. (PPP-44444)
• An IP address in the SPF record is now updated when a public IP address of the sever is changed. (PPP-43552)
• Webspaces are now sorted alphabetically in Backup Manager in Power User view when “All subscriptions” is selected (transparent webspaces mode). (PPP-43968)
• Null MX records can now be created. (PPP-43763)

Linux

• In Plesk on Ubuntu 18, sw-cp-server is now compiled with TLSv1.3. (PPP-44542)
• If Plesk was installed without the mail server (MSMTP), the default SSL/TLS certificate can now be removed. (PPP-44652)
• Plesk Obsidian now shows a correct update version and the last update date. (PPP-44316)
• The Horde webmail client now again correctly shows email messages in plan text. (PPP-44776)
• While updating to Plesk Obsidian, a misleading error message “WARNING: There are 1 mail accounts with passwords encrypted using a deprecated algorithm” is no longer shown because the corresponding bug PPP-43681 (about email address accounts, whose passwords were encrypted) has been already fixed. (PPP-44607)
• Added pagination to the Tools & Settings > Services Management page: more than 25 services can now be displayed. (PPP-44565)
• Kaspersky AntiVirus no longer sends error email notifications when a Kaspersky license is removed or terminated. (PPP-44620)
• On CentOS 7, after Plesk update from Onyx to Obsidian, the Plesk interface no longer occasionally becomes unavailable with the “Server Error 500 PleskUtilException” error message. (PPP-44602)
• In Plesk Obsidian on RedHat or CentOS 7, logs no longer show segmentation faults if a server has sessions with the “Too many authentication failures” errors. (PPP-44198)
• Plesk Obsidian update no longer occasionally fails with segmentation faults. (PPP-44794)

Windows

• Prepared online demos for Plesk Obsidian on Windows.
• If the SmarterMail server is used, users can now back up and restore their mail via IMAP.
• Special characters are now correctly processed within a Plesk administrator password during Plesk installation. (PPP-44348)
• MSDNS no longer fails to create DNS records when a server IP address is added to Zone Transfers. (PPP-44852)
• Backing up and restoration no longer occasionally fails with the “The system cannot find the file specified” error. (PPP-44804)
• Significantly sped up the creation of subdomains. (PPP-44951)
• Plesk upgrade no longer fails when run under a user with no write permissions for the Recycled Bin. (PI-600)

Third-Party Component Updates

• Updated PHP 7.3 to version 7.3.10.
• Updated PHP 7.2 to version 7.2.23.

Linux

• Updated Courier-IMAP to versions 5.0.8.
• Updated Roundcube to version 1.3.10.

Windows

• Updated MailEnable to version 10.27.
• Updated BIND to version 9.14.6.

• Emails about resource overuse are no longer sent to Plesk users other than the subscription’s owner. (PPP-44526)
• ModSecurity is now enabled on clean Plesk Obsidian installations. (PPP-44527)

• It is now again possible to edit files with Windows line endings in Code Editor of File Manager, Panel.ini Editor, and PHP Сomposer. (PPP-44495)

• Updated the Plesk Lifecycle Policy.
• New Plesk Obsidian features are now available for users in their native languages.
• The PHP Composer extension is now shipped by default with Plesk.
• The Advanced Monitoring extension is now shipped by default with Plesk.

• Introduced a number of new features and improvements for the Dynamic List view mode in Websites & Domains:
  • Extensions developers can now add tabs of their own extensions to domains’ cards.
  • Extensions developers can now add buttons of their own extensions to particular button groups on the Dashboard tab of domains’ cards.
  • Improved the layout of buttons and controls on domains’ cards.
  • Replaced old color icons with new grayscale ones.
  • Improved the collapse and expand mechanism.
• Plesk administrators can now customize the mailbox quota notification email.
• Mail autodiscover can be now turned on and off for the whole server or for particular domains.
• Rolled back the changes made to Active List in the previous iterations to keep this familiar view mode for customers who do not want to use the new Dynamic list.
• Improved how the preview of automatic email notifications shows the email subject.
• Increased the default value of the PHP-FPM max_children setting to 10.
• After updating Plesk Onyx to Plesk Obsidian, the following extensions will now be automatically installed: Repair Kit, SSL It!, PHP Composer, and Advanced Monitoring (replaces Server Health Monitor present in Plesk Onyx).
• Improved error messages shown if an extension failed to be installed: the error messages now contain the name of the extension that faced installation issues.
• Removed the Server Health Monitor component and replaced it with Advanced Monitoring.
• When multiple files are opened in File Manager via Code Editor, Code Editor tabs now show correct content of the files. (PPP-43622)
• Customers can now switch between their own subscriptions when they are on the WordPress Toolkit page without the “Warning: Possible phishing attempt detected…” error. (PPP-43913)
• It is now possible to log in to Plesk using the LDAP Auth extension when the “Disable Plesk native authentication” checkbox is selected. (PPP-43128)
• If the “Access to Application Catalog” permission is not selected for a customer’s subscription, Applications > All available applications no longer shows unavailable versions of an application ready for installation after any version of the application was uploaded. (PPP-43134)
• Rotation of server local backups now works even if the server hostname length exceeds 47 characters. (PPP-44325)
• Monthly resource usage reports sent by email now contain the necessary statistics because the are now generated on the last day of a month. (PPP-43563)
• It is now possible to create a backup without a warning if a folder that contained a custom branding theme was removed. (PPP-43734)

Linux

• Mail autodiscover now works for subdomains served only by Apache.
• The pci_compliance_resolver utility no longer causes security warnings in browsers because the utility now uses up-to-date SSL protocols and cyphers.
• Certain services (Plesk Autoinstaller, sw-cp-server, nginx, Apache, Postfix, ProFTPD, and Dovecot) can now use the server TLS cipher suite order instead of the client cipher suite order as it was before. On clean Plesk Obsidian installations, the server TLS cipher suite order is enabled by default. For updated installations, administrators can enable it manually for all server’s services (using the server_pref utility) or for a particular service (using the sslmng utility).
• When the Webalizer or AWStats components are removed, the access_log.webstat file is also removed and webstatistics is no longer calculated. (PPP-24426)
• WordPress Toolkit can now scan installations even if they have broken symlinks. (PPP-44063)
• If a server that has Fail2ban and Plesk firewall installed is restarted, Fail2ban and Plesk firewall are now started in the right order: sequentially and without conflicts that could be earlier caused by the simultaneous editing of iptables. (PPP-43152)
• If a mail server is secured with an SSL/TLS certificate from Let’s Encrypt and the Roundcube webmail client is used, emails can now be sent without issues. (PPP-44131)
• If shortname authorization is enabled on the server and a mail account password is encrypted, the password can now be changed in webmail. (PPP-33293)
• The plesk repair all -n command no longer reports false positive errors regarding incorrect permissions of the /etc/init.d/postfix file. (PPP-43564)
• The pci_compliance_resolver utility can now be enabled for Dovecot and Courier LDAs. (PPP-36611)
• If a service fails the Watchdog monitoring tests, the service will be now immediately restarted (without the 5-minute downtime as it was earlier). (PPP-41001)
• After updating Plesk Onyx version 17.5 to Plesk Obsidian on Debian-based OSes, running the Plesk repair utility no longer shows misleading warnings. (PPP-36507)
• An email with the empty FROM: <> field can no longer bypass the SpamAssassin filter. (PPP-43562)
• On Ubuntu 16.04 and Debian 8, ModSecurity can now be again installed and switched on with the Atomic Standard rule set. (PPP-44268)
• nginx now better validates its SSL configuration: if, for any reason, an SSL/TLS certificate is missing for a domain, Plesk now skips the SSL configuration for the domain. (PPP-44031)

Windows

• Users’ Microsoft Outlook and Thunderbird mail clients can now be automatically configured based on entered emails.
• A new REST API now manages SmarterMail 100 or later, which is why mail users in SmarterMail 100 or later can now be renamed.
• Excluded a number of outdated, insecure, or not popular extensions and components from the recommended and full presets.
• Backups created in Plesk Onyx 17.x can now be restored in Plesk Obsidian. (PPP-44246)
• Improved an error message shown when a password sent to Plesk via an XML-RPC request does not meet the the OS password security policy (“Local Security Policy”). (PPP-43600)

Third-Party Component Updates

• Updated PHP 7.3 to version 7.3.9.
• Updated PHP 7.2 to version 7.2.22.
• Updated PHP 7.1 to version 7.1.32.

Linux

• ProFTPD now supports the DSO module.

Windows

• Updated Node.js 8 to version 8.16.1.
• Updated Node.js 10 to versions 10.16.3.

Third-Party Component Updates

Linux

• Updated Dovecot and Pigeonhole to versions 2.3.7.2 and 0.5.7.2 respectively, which include a fix for a major security issue. We strongly recommend that you update Plesk.

• Plesk administrators and resellers can now move the main domain to a new subscription in the Plesk interface (Plesk administrators can do so also via the CLI).
• Added the following Plesk notifications:
  • Plesk updates are available.
  • A Plesk update/hotfix has been installed.
  • A Plesk update has not been installed.
  • Web Application Firewall: a new rule set or new rules have been installed.
• Introduced the new “Dynamic List” mode to view the “Websites & Domains” screen. This mode groups controls of each website in blocks we call cards (similar to those in WordPress Toolkit).

• If SSL/TLS support for a website is turned off, the “Open website” button now opens the website via HTTP. Plesk administrators can also set up “Open website” to open websites always via HTTP (regardless of website’s SSL/TLS support) by adding the following lines to the panel.ini file:

  [domainManagement]
  openButtonForceHttp = 1
  

• Introduced new icons of the main menu.
• Improved the X-XSS-Protection response header of Plesk pages.
• Updated the Plesk Installer interface. Now it is easier to install or upgrade to the latest version of Plesk Obsidian.
• Running the plesk bin utilities without parameters now shows the help page.
• Scheduled backups to Microsoft OneDrive no longer fail with the “504 Gateway Timeout” error message. (EXTPLESK-856)
• Plesk administrator’s backups are now restored even if no available dedicated IP addresses exist. (PPP-43673)
• It is now possible to log in to Plesk with an email address account, whose password was encrypted. (PPP-43681)
• Customers can no longer be occasionally created as if they belong to other customers. (PPP-31797)
• The plesk repair mail can no longer break all mail accounts on the server if one of the accounts has a password that contains an unsupported character. (PPP-43832)
• The “Log In as Customer” link is no longer shown next to customers that do not have subscriptions. (PPP-43639)

Linux

• Users’ Microsoft Outlook and Thunderbird mail clients can now be automatically configured based on entered emails.
• Updated the list of extensions and components installed by default.
• Improved deployment of Plesk Obsidian cloud images:
  • Significantly sped up the deployment (25 seconds now against 8 minutes earlier).
  • An actual deployment status is now shown. It is possible to see if the deployment finished successfully or with errors.
  • Plesk now installs available updates 30 minutes after deployment.
• Fixed issues created by the bug fix PPPM-10715. You can now rename your domain or restore it from a backup—no issues with your mail for a domain will occur. (PPP-43460)
• If a user tries to change virtual hosts location and SELinux is running in enforcing mode, the transvhosts.pl utility now exits with an error message. The message suggests disabling SELinux or setting it to permissive mode to avoid breaking hosted websites. (PPP-43217)
• Updating the Atomic Standard ModSecurity rule set no longer hangs. (PPP-43620)
• Removing the system PHP 7.2 component (which is optional since Plesk Onyx 17.9 Preview 11) no longer causes repetitive error messages from the hourly cron task: “find: ‘/etc/php/7.2’: No such file or directory”. (PPP-43824)

Third-Party Component Updates

• Updated PHP 7.3 to version 7.3.8.
• Updated PHP 7.2 to version 7.2.21.
• Updated PHP 7.1 to version 7.1.31.

Linux

• Updated nginx to version 1.16.1 (both for Plesk and customers’ websites).

Windows

• Updated ASP.NET Core 2.2 to version 2.2.6.
• Updated ASP.NET Core 2.1 to version 2.1.12.
• Dropped support for ASP.NET Core 1.1.
• Dropped support for ASP.NET Core 1.0.
• Updated MariaDB to version 10.3.17 (both for the Plesk database and for customers’ websites.)
• Updated MailEnable to version 10.25.

• Users can now try Plesk Obsidian online demos.

• Introduced new Plesk notifications, which are now shown in a separate pane. To see notifications, click the bell icon in the upper right corner of the screen. Here you can also manage the notifications’ settings. To do so, click the gear icon.

  At the moment, the notification pane shows only one notification type (when one of the parameters monitored by Server Health reached the “red” alert level). More notifications are on the way.

• When Postfix is used, mail.<domain> can now be secured if an SSL/TLS certificate covers it.
• It is now possible to create a secret key via the CLI or API without specifying the IP address the key will be linked to.
• Updated Plesk banners (Plesk Welcome screen, Plesk initializing screen, and others) shown when the Obsidian color scheme is selected.
• A Plesk custom logo and page title can now be installed via the CLI or API.
• A Plesk edition is no longer shown on the Plesk logo and some other screens. Users can always see a Plesk edition in Tools & Settings > About Plesk (under “Plesk”).
• Redesigned the website screen in Websites & Domains: removed the duplicated info and made the screen more laconic.
• File Manager now switches to a correct website, when File Manager is opened via a direct URL. (PPP-41536)
• Duplicate access controls are no longer shown when adding or updating a database user in Plesk that has remote configuration of database servers. (PPP-43181)
• If a particular subscription does not have the “Setup of potentially insecure web scripting options that override provider’s policy” permission, a user can now change the subscription’s hosting settings. (PPP-42972)
• Email aliases with the same name can now be created via the XML-RPC. (PPP-43256)

Linux

• Mail users now receive email notifications when more than 95% of their mailbox disk space is occupied. The users can also see the information about the mailbox storage disk space, its usage, and limits in the Horde and Roundcube webmail clients.
• On new Plesk servers, the Poppassd service on TCP port 106 no longer accepts external connections from the Internet.
• If Postfix is used, an SSL/TLS certificate from Let’s Encrypt (and from other CAs whose certificate files contain the CSR part) can now secure mail for a domain. If you renamed your domain or restored it from a backup and now face issues with your mail for a domain, assign an SSL/TLS certificate to the mail once again. (PPPM-10715)
• In File Manager, all files can no longer be renamed so that their names contain spaces at the beginning or end (for example, “file “ and “ file”). Previously, if the.htaccess file was renamed this way, a website could work incorrectly. (PPP-43006)
• The phpMyAdmin interface is now again accessible via the URL /phpmyadmin. (PPP-42510)
• Improved stability in PHP 7.3.7 and 7.2.20 by fixing the PHP-FPM segmentation faults in fpm_event_epoll_wait. (PPP-43093)
• The “Maximum bandwidth usage (KB/s)” and “Connections limited to” options on the “Performance” tab of a service plan can no longer be changed if the Apache “bw” module is not enabled. (PPP-43011)